What the vulnerability does
01Description
Improper Control of Generation of Code ('Code Injection') vulnerability in The4 Molla molla allows Code Injection.This issue affects Molla: from n/a through <= 1.5.13.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
What the vulnerability does
Improper Control of Generation of Code ('Code Injection') vulnerability in The4 Molla molla allows Code Injection.This issue affects Molla: from n/a through <= 1.5.13.
Explanation of Vulnerability in Simple Terms
Molla versions up to 1.5.13 contain a code injection vulnerability that allows attackers to inject and execute arbitrary code. The vulnerability requires specific network conditions and technical setup to exploit, but can affect confidentiality, integrity, and availability across the application. Site administrators should update to a version newer than 1.5.13 as soon as a patch becomes available.
What an attacker can do
Inject and execute arbitrary code on the site under specific network conditions.
Potential impact on your site
Attackers could read sensitive data, modify site content, or disrupt service availability.
Conditions required to exploit
Network access; no authentication or user interaction required, but attack complexity is high.
Key dates
External resources
Related vulnerabilities