CVE-2023-38941

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-38941

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-38941.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-38941

Published

2023-08-04T00:15:13.757Z

Modified

2025-11-15T06:44:28.014666Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

django-sspanel v2022.2.2 was discovered to contain a remote command execution (RCE) vulnerability via the component sspanel/admin_view.py -> GoodsCreateView._post.

References

https://github.com/Ehco1996/django-sspanel

Affected packages

Git / github.com/ehco1996/django-sspanel

Affected ranges

Type: GIT
Repo: https://github.com/ehco1996/django-sspanel
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

0cfcf1c03821244cb1dfa090194017a8e52a3db3

Affected versions

2.*

2.1

2.3

2.4

v2.*

v2.5

v2020.*

v2020.11.11

v2022.*

v2022.2.2

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-38941.json"