The file upload functionality is not implemented correctly and allows uploading of any type of file. As a prerequisite, it is necessary for the attacker to log into the application with a valid username.
Metrics
Affected Vendors & Products
References
History
Thu, 19 Sep 2024 20:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|

Status: PUBLISHED
Assigner: INCIBE
Published:
Updated: 2024-09-19T20:02:40.437Z
Reserved: 2023-08-02T11:53:00.948Z
Link: CVE-2023-4097

Updated: 2024-08-02T07:17:12.063Z

Status : Modified
Published: 2023-10-03T11:15:25.663
Modified: 2024-11-21T08:34:23.123
Link: CVE-2023-4097

No data.