What the vulnerability does
01Description
Deserialization of Untrusted Data vulnerability in Edge-Themes Kamperen kamperen allows Object Injection.This issue affects Kamperen: from n/a through < 1.3.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
What the vulnerability does
Deserialization of Untrusted Data vulnerability in Edge-Themes Kamperen kamperen allows Object Injection.This issue affects Kamperen: from n/a through < 1.3.
Explanation of Vulnerability in Simple Terms
Kamperen versions before 1.3 contain a deserialization vulnerability in how they process untrusted data. An authenticated attacker can send specially crafted input to modify site data or cause the application to become unavailable. The vulnerability requires valid user credentials but no additional user interaction.
What an attacker can do
Modify site data or cause temporary unavailability by sending malicious serialized input.
Potential impact on your site
Authenticated users could corrupt site content or trigger denial-of-service conditions without admin intervention.
Conditions required to exploit
Attacker must have a valid user account with low-level privileges on the site.
Key dates
External resources
Related vulnerabilities