← back
CVE-2022-29623

CVE-2022-29623

EPSS 1.2%
An arbitrary file upload vulnerability in the file upload module of Express Connect-Multiparty 2.2.0 allows attackers to execute arbitrary code via a crafted PDF file. NOTE: the Supplier has not verified this vulnerability report.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/expressjs/connect-multiparty/releases/tag/2.2.0https://www.npmjs.com/package/connect-multipartyhttps://www.youtube.com/watch?v=i3xJR-91rrM