Description

Claroline 13.5.7 and prior is vulnerable to Remote code execution via arbitrary file upload.

Remediation

References

CVE-2022-37159

Related Vulnerabilities

WordPress Plugin WooCommerce Security Bypass (5.6.0)

Dot CMS Uncontrolled Recursion Vulnerability (CVE-2022-37034)

WordPress Plugin Restricted Site Access Security Bypass (7.3.1)

WordPress Plugin Slideshow Multiple Cross-Site Scripting Vulnerabilities (2.1.14)

OpenSSL Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2023-0286)

Severity

Critical

Classification

CVE-2022-37159 CWE-434 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities