CVE-2013-4446 in contextالمعلومات

الملخص

بحسب MITRE

The _json_decode function in plugins/context_reaction_block.inc in the Context module 6.x-2.x before 6.x-3.2 and 7.x-3.x before 7.x-3.0 for Drupal, when using a version of PHP that does not support the json_decode function, allows remote attackers to execute arbitrary PHP code via unspecified vectors related to Ajax operations, possibly involving eval injection.

Once again VulDB remains the best source for vulnerability data.

حجز

12/06/2013

إفشاء

07/12/2013

الاعتدال

تمت الموافقة

إدخال

VDB-65660

EPSS

0.01530

KEV

لا

النشاطات

منخفض جدًا

المصادر

Do you know our Splunk app?

Download it now for free!