CVE-2023-42180 · Vexday

CVE-2023-42180

EPSS 0.6%

An arbitrary file upload vulnerability in the /user/upload component of lenosp 1.0-1.2.0 allows attackers to execute html code via a crafted JPG file.

Affected products

n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://gitee.com/zzdevelop/lenosp/issues/I7X760