What is CVE-2023-0947?

CVE-2023-0947 is a high-severity vulnerability in Flatpressblog Flatpressblog/flatpress, classified under Path Traversal. CVSS score: 8.1/10. Published 2023-02-22.

How severe is CVE-2023-0947?

High severity. CVSS v3 base score is 8.1 out of 10.

Path Traversal in Flatpressblog Flatpressblog/flatpress

CVE-2023-0947

Path Traversal in GitHub repository flatpressblog/flatpress prior to 1.3.

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.530 (98.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.1 (High). Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H.

Affected products

Flatpressblog Flatpressblog/flatpress — versions unspecified

Weakness classification (CWE)

CWE-22 — Path Traversal

References

huntr.dev/bounties/7379d702-72ff-4a5d-bc68-007290015496
github.com/flatpressblog/flatpress/commit/9c4e5d6567e446c472f3adae3b2fe612f6687…

Frequently asked questions

What is CVE-2023-0947?: CVE-2023-0947 is a high-severity vulnerability in Flatpressblog Flatpressblog/flatpress, classified under Path Traversal. CVSS score: 8.1/10. Published 2023-02-22.
How severe is CVE-2023-0947?: High severity. CVSS v3 base score is 8.1 out of 10.