CVE-2023-45880

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Nov 14, 2023
Updated: Nov 17, 2023
CWE ID 22

Summary

CVE-2023-45880 is a vulnerability found in GibbonEdu through version 25.0.0. It allows for Directory Traversal via the report template builder, enabling an attacker to create PHP files outside of the uploads directory and directly in the webroot. This vulnerability affects multiple products, including jwjtCF, jxhUpd, r6Wi2K, and others. The risk score for this vulnerability is 25, with a base severity of HIGH and a base score of 7.2 according to NIST. The potential danger it poses to organizations includes a high impact on integrity and confidentiality, as well as a high availability impact. To remediate this vulnerability, it is recommended to update GibbonEdu to a version that addresses the issue or apply any available patches or security updates provided by the vendor.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-45880 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options