CVE-2023-43187

Critical

A remote code execution (RCE) vulnerability in the xmlrpc.php endpoint of NodeBB Inc NodeBB forum software prior to v1.18.6 allows…

mitre·CWE-91·Published 2023-09-26

CVSS

9.8

EPSS

0.45

KEV

Exploits

cve.orgen

196 chars

A remote code execution (RCE) vulnerability in the xmlrpc.php endpoint of NodeBB Inc NodeBB forum software prior to v1.18.6 allows attackers to execute arbitrary code via crafted XML-RPC requests.

NVDen

196 chars

A remote code execution (RCE) vulnerability in the xmlrpc.php endpoint of NodeBB Inc NodeBB forum software prior to v1.18.6 allows attackers to execute arbitrary code via crafted XML-RPC requests.

Una vulnerabilidad de ejecución remota de código (RCE) en el endpoint xmlrpc.php del software del foro NodeBB Inc de NodeBB anterior a v1.18.6 permite a los atacantes ejecutar código arbitrario a través de solicitudes XML-RPC manipuladas.

CVE-2023-43187

CVSS metrics across sources