Miggo Logo

CVE-2020-26231: Bypass of fix for CVE-2020-15247, Twig sandbox escape

5.2

CVSS Score
3.1

Basic Information

EPSS Score
0.10347%
Published
11/23/2020
Updated
1/9/2023
KEV Status
No
Technology
TechnologyPHP

Technical Details

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
Package NameEcosystemVulnerable VersionsFirst Patched Version
october/cmscomposer= 1.0.4691.0.470

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis:
In progress

WAF Protection Rules

WAF Rule

### Imp**t * *yp*ss o* *V*-****-***** (*ix** in *.*.*** *n* *.*.*) w*s *is*ov*r** t**t **s t** s*m* imp**t *s *V*-****-*****: *n *ut**nti**t** ***k*n* us*r wit* t** `*ms.m*n***_p***s`, `*ms.m*n***_l*youts`, or `*ms.m*n***_p*rti*ls` p*rmissions w*o w

Reasoning

No *n*lysis *v*il**l*