First published: Wed Apr 29 2020(Updated: )
admin/blocks.php in Subrion CMS through 4.2.1 allows PHP Object Injection (with resultant file deletion) via serialized data in the subpages value within a block to blocks/edit.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Intelliants Subrion | <=4.2.1 | |
composer/intelliants/subrion | <=4.2.1 | |
<=4.2.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2020-12469.
The title of this vulnerability is 'admin/blocks.php in Subrion CMS through 4.2.1 allows PHP Object Injection (with resultant file deletion) via serialized data in the subpages value within a block to blocks/edit.'
The severity of CVE-2020-12469 is medium with a severity value of 6.5.
The Subrion CMS version 4.2.1 is affected by CVE-2020-12469.
To fix CVE-2020-12469, it is recommended to update your Subrion CMS installation to a version that is not affected by this vulnerability.