CVE-2019-13187

CVE-2019-13187

EPSS 1.8%

The Rich Text Formatter (Redactor) extension through v1.1.1 for Symphony CMS has an Unauthenticated arbitrary file upload vulnerability in content.fileupload.php and content.imageupload.php.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://blog.contentsecurity.com.au/redactor-unrestricted-file-upload http://symphonyextensions.com/extensions/richtext_redactor/