nvd-json-data-feeds/CVE-2024/CVE-2024-331xx/CVE-2024-33103.json

{
  "id": "CVE-2024-33103",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2024-04-30T18:15:19.923",
  "lastModified": "2024-08-02T03:15:23.713",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [
    {
      "sourceIdentifier": "cve@mitre.org",
      "tags": [
        "disputed"
      ]
    }
  ],
  "descriptions": [
    {
      "lang": "en",
      "value": "An arbitrary file upload vulnerability in the Media Manager component of DokuWiki 2024-02-06a allows attackers to execute arbitrary code by uploading a crafted SVG file. NOTE: as noted in the 4267 issue reference, there is a position that exploitability can only occur with a misconfiguration of the product."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de carga de archivos arbitrarios en el componente Media Manager de DokuWiki 2024-02-06a permite a los atacantes ejecutar c\u00f3digo arbitrario cargando un archivo SVG manipulado. NOTA: como se indica en la referencia del problema 4267, existe la posibilidad de que la explotabilidad solo pueda ocurrir con una mala configuraci\u00f3n del producto."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://github.com/dokuwiki/dokuwiki/issues/4267",
      "source": "cve@mitre.org"
    }
  ]
}