← back
CVE-2020-23995

CVE-2020-23995

EPSS 1.5%
An information disclosure vulnerability in ILIAS before 5.3.19, 5.4.12 and 6.0 allows remote authenticated attackers to get the upload data path via a workspace upload.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://cwe.mitre.org/data/definitions/209.htmlhttps://docu.ilias.de/goto_docu_pg_118817_35.htmlhttps://docu.ilias.de/goto_docu_pg_122177_35.htmlhttps://docu.ilias.de/goto_docu_pg_124761_35.htmlhttps://github.com/ILIAS-eLearning/ILIAS/commit/94d9b16010ec3abeae8d2cbb05622ccd999119ad