CVE-2022-41216 - Cloudflow - Local File Inclusion Vulnerability
| CVE | CVE-2022-41216 | |||||||||||
| Discovered by |
|
|||||||||||
| Credits |
|
|||||||||||
| Affected products |
|
|||||||||||
| Page author | Victor Pasman | |||||||||||
| CVSS |
Base score:
8.3
(HIGH) |
|||||||||||
| References |
|
|||||||||||
| Problem type(s) | CWE-829: Inclusion of Functionality from Untrusted Control Sphere | |||||||||||
| Impact(s) | CAPEC-252 PHP Local File Inclusion | |||||||||||
| Solution(s) | Upgrade to version 2.3.2 of Cloudflow | |||||||||||
| Last modified | 21 Feb 2023 21:05 |
Description
Local File Inclusion vulnerability within Cloudflow allows attackers to retrieve confidential information from the system.
JSON version