Vulnerability Details CVE-2021-33353
Directory Traversal vulnerability in Wyomind Help Desk Magento 2 extension v.1.3.6 and before fixed in v.1.3.7 allows attacker to execute arbitrary code via the file attachment directory setting.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.0%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2021-33353
-
cpe:2.3:a:wyomind:help_desk:-
-
cpe:2.3:a:wyomind:help_desk:1.0.0
-
cpe:2.3:a:wyomind:help_desk:1.0.1
-
cpe:2.3:a:wyomind:help_desk:1.0.2
-
cpe:2.3:a:wyomind:help_desk:1.1.0
-
cpe:2.3:a:wyomind:help_desk:1.1.1
-
cpe:2.3:a:wyomind:help_desk:1.2.0
-
cpe:2.3:a:wyomind:help_desk:1.2.1
-
cpe:2.3:a:wyomind:help_desk:1.2.2
-
cpe:2.3:a:wyomind:help_desk:1.2.3
-
cpe:2.3:a:wyomind:help_desk:1.2.4
-
cpe:2.3:a:wyomind:help_desk:1.2.5
-
cpe:2.3:a:wyomind:help_desk:1.3.0
-
cpe:2.3:a:wyomind:help_desk:1.3.2
-
cpe:2.3:a:wyomind:help_desk:1.3.3
-
cpe:2.3:a:wyomind:help_desk:1.3.4
-
cpe:2.3:a:wyomind:help_desk:1.3.5
-
cpe:2.3:a:wyomind:help_desk:1.3.6