Exploitation Summary
CVE-2023-52085 has a Nuclei detection template available — see the Nuclei card below for the Shodan/FOFA recon queries.
Description
Winter is a free, open-source content management system. Users with access to backend forms that include a ColorPicker FormWidget can provide a value that would then be included without further processing in the compilation of custom stylesheets via LESS. This had the potential to lead to a Local File Inclusion vulnerability. This issue has been patched in v1.2.4.
Nuclei Templates (1)
Winter CMS Local File Inclusion - (LFI)
MEDIUMby sanineng
Shodan:
title:"Winter CMS" || http.title:"winter cms"
FOFA:
title="Winter CMS" || title="winter cms"
References (2)
Core 2
Core References
Patch, Vendor Advisory x_refsource_confirm
https://github.com/wintercms/winter/security/advisories/GHSA-2x7r-93ww-cxrq
Scores
CVSS v3
3.3
EPSS
0.3017
EPSS Percentile
98.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N
Details
CWE
CWE-22
Status
published
Products (2)
winter/wn-backend-module
0 - 1.2.4Packagist
wintercms/winter
< 1.2.4
Published
Dec 29, 2023
Tracked Since
Feb 18, 2026