CVE-2023-1105 HIGH

CVE-2023-1105: External Control of File Name or Path in flatpressblog/flatpress

Vendor Flatpressblog

Product flatpressblog/flatpress

Weakness CWE-73

Published March 1, 2023

Last update March 11, 2025

CVSS base score

7.5/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction None

Confidentiality High

Integrity None

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

External Control of File Name or Path in GitHub repository flatpressblog/flatpress prior to 1.3.

Key dates

March 1, 2023 CVE published

March 11, 2025 Record updated

External resources

Related vulnerabilities

CVE CVE-2023-1105

CWE CWE-73

CVSS 7.5 / HIGH

Vendor Flatpressblog

Product flatpressblog/flatpress

Affected ≥ unspecified and < 1.3