CVE-2023-1877 MEDIUM

CVE-2023-1877: Command Injection in microweber/microweber

Vendor Microweber
Product microweber/microweber
Weakness CWE-77
Published April 5, 2023
Last update February 10, 2025

CVSS base score

6.1/10
Attack vector Local
Attack complexity Low
Privileges required High
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L

What the vulnerability does

01Description

Command Injection in GitHub repository microweber/microweber prior to 1.3.3.

Key dates

02Disclosure timeline

April 5, 2023 CVE published
February 10, 2025 Record updated