Vulnerability Details CVE-2022-29784
PublicCMS V4.0.202204.a and below contains an information leak via the component /views/directive/sys/SysConfigDataDirective.java.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.7%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
- https://github.com/JinYiTong/CVE-Req/blob/main/publiccms/publiccms.md
- https://github.com/sanluan/PublicCMS/commit/d8d7626cf51e4968fb384e1637a3c0c9921f33e9
- https://github.com/JinYiTong/CVE-Req/blob/main/publiccms/publiccms.md
- https://github.com/sanluan/PublicCMS/commit/d8d7626cf51e4968fb384e1637a3c0c9921f33e9
Products affected by CVE-2022-29784
-
cpe:2.3:a:publiccms:publiccms:4.0
-
cpe:2.3:a:publiccms:publiccms:4.0.180707
-
cpe:2.3:a:publiccms:publiccms:4.0.180825
-
cpe:2.3:a:publiccms:publiccms:4.0.181024
-
cpe:2.3:a:publiccms:publiccms:4.0.190312
-
cpe:2.3:a:publiccms:publiccms:4.0.202004
-
cpe:2.3:a:publiccms:publiccms:4.0.202011
-
cpe:2.3:a:publiccms:publiccms:4.0.202011.b
-
cpe:2.3:a:publiccms:publiccms:4.0.202107
-
cpe:2.3:a:publiccms:publiccms:4.0.202107.b
-
cpe:2.3:a:publiccms:publiccms:4.0.202107.c
-
cpe:2.3:a:publiccms:publiccms:4.0.202107.d
-
cpe:2.3:a:publiccms:publiccms:4.0.202107.f
-
cpe:2.3:a:publiccms:publiccms:4.0.202204.a