CVE-2018-17341

2018-09-2305:29:00

Google

osv.dev

AI Score

7.2

Confidence

Low

EPSS

0.004

Percentile

74.1%

JSON

BigTree 4.2.23 on Windows, when Advanced or Simple Rewrite routing is enabled, allows remote attackers to bypass authentication via a …\ substring, as demonstrated by a launch.php?bigtree_htaccess_url=admin/images/…\ URI.

References

github.com/bigtreecms/BigTree-CMS/issues/345