File Upload Weakness in Pagekit by Pagekit
CVE-2022-38916

9.8CRITICAL

Key Information:

Vendor: Pagekit
Status: Pagekit
Vendor: CVE Published:; 20 September 2022

What is CVE-2022-38916?

A file upload vulnerability in the storage feature of Pagekit version 1.0.18 allows attackers to upload malicious files, potentially compromising the server and executing harmful actions. This flaw poses significant risks, making it crucial for users to apply the necessary updates and security measures to safeguard their systems.

References

https://github.com/pagekit/pagekit/issues/970

x_refsource_MISC

EPSS Score

16% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 20, 2022
Vulnerability Reserved
Aug 29, 2022

CVE-2022-38916 Data

JSON