CVE-2024-13263

Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') vulnerability in Drupal Opigno group manager allows PHP Local File Inclusion.This issue affects Opigno group manager: from 0.0.0 before 3.1.1.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.1 / Impact : 3.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://www.drupal.org/sa-contrib-2024-027

Configurations

No configuration.

History

10 Jan 2025, 22:15

Type	Values Removed	Values Added
Summary		(es) La vulnerabilidad de neutralización incorrecta de directivas en código guardado estáticamente ('inyección de código estático') en Drupal Opigno group manager permite la inclusión de archivos locales en PHP. Este problema afecta a Opigno group manager: desde la versión 0.0.0 hasta la 3.1.1.
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5

09 Jan 2025, 20:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-01-09 20:15

Updated : 2025-01-10 22:15

NVD link : CVE-2024-13263

Mitre link : CVE-2024-13263

CVE.ORG link : CVE-2024-13263

JSON object : View

Products Affected

No product.

CWE

CWE-96

Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')

5.5 /10