Vulnerability Details CVE-2019-12277
Blogifier 2.3 before 2019-05-11 does not properly restrict APIs, as demonstrated by missing checks for .. in a pathname.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.0%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References