CVE-2022-34486

Remote Code Execution in PukiWiki (PukiWiki におけるリモートコード実行)

An arbitrary server-side code may be executed upon opening a specially crafted HTML file.

Disclosure Date

2022/08/22

Credit

stypr (@stereotype32)

Affected-Versions

PukiWiki: v1.4.5 to v1.5.3

CWE

CWE-22

Product-URLs

https://pukiwiki.osdn.jp/

Reference