← back
CVE-2022-2111

Unrestricted Upload of File with Dangerous Type in inventree/inventree

CVSS 9 CRITICALEPSS 1.2%CWE-434
Unrestricted Upload of File with Dangerous Type in GitHub repository inventree/inventree prior to 0.7.2.
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Affected products
inventree · inventree/inventree

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/inventree/inventree/commit/26bf51c20a1c9b3130ac5dd2e17649bece5ff84fhttps://huntr.dev/bounties/a0e5c68e-0f75-499b-bd7b-d935fb8c0cd1