Does anyone know if the RCE vulnerability in CVE-2023-418925 (Github link) can be exploited without being logged into Craft? I have a couple of smaller sites that I'd rather not update right now.
Asked
Active
Viewed 1,791 times
1 Answers
2
Yes, it can be exploited whether you're logged in or not.
You can find more info at the following links:
Brad Bell
- 67,440
- 6
- 73
- 143
Jalen Davenport
- 3,045
- 1
- 9
- 24
-
Hi Jalen, thank you so much for your answer! It really helped me out. I appreciate your time and expertise. – Magnus Sep 20 '23 at 06:37
-
@Magnus sure thing, my pleasure – Jalen Davenport Sep 20 '23 at 12:56