Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2021-44123

SPIP 4.0.0 is affected by a remote command execution vulnerability. To exploit the vulnerability, an attacker must craft a malicious picture with a double extension, upload it and then click on it to execute it.

Related bugs and status

CVE-2021-44123 (Candidate) is related to these bugs:

Bug #1971185: Multiple vulnerabilities in Bionic and Impish

		In	Importance	Status
1971185	Multiple vulnerabilities in Bionic and Impish	spip (Ubuntu)	Undecided	Fix Released
1971185	Multiple vulnerabilities in Bionic and Impish	spip (Ubuntu Bionic)	Undecided	Fix Released
1971185	Multiple vulnerabilities in Bionic and Impish	spip (Ubuntu Impish)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://git.spip.net/s...