CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-31372

Wiris Mathtype v7.28.0 was discovered to contain a path traversal vulnerability in the resourceFile parameter. This vulnerability is exploited via a crafted request to the resource handler.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 48.8%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://github.com/wiris/moodle-filter_wiris/commit/037ce9c1d9b9642689a332b6ebee8eaf0a737576
https://github.com/wiris/moodle-filter_wiris/commit/037ce9c1d9b9642689a332b6ebee8eaf0a737576

Products affected by CVE-2022-31372

Wiris » Mathtype » Version: 7.28.0

cpe:2.3:a:wiris:mathtype:7.28.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-31372

Products

Pricing

Contact Us