1 results (0.004 seconds)
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1999023
https://notcve.org/view.php?id=CVE-2018-1999023
23 Jul 2018 — The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a Code Injection vulnerability in the Lua scripting engine that can result in code execution outside the sandbox. This attack appear to be exploitable via Loading specially-crafted saved games, networked games, replays, and player content. The Battle for Wesnoth Project desde la versión 1.7.0 hasta la 1.14.3 contiene una vulnerabilidad de inyección de código en el motor de scripting de Lua que puede resultar en la ejecución de código fuera... • https://gist.github.com/shikadiqueen/45951ddc981cf8e0d9a74e4b30400380 • CWE-94: Improper Control of Generation of Code ('Code Injection') •