CVE-2022-25773
Relative Path Traversal in assets file upload
This advisory addresses a file placement vulnerability that could allow assets to be uploaded to unintended directories on the server.
* Improper Limitation of a Pathname to a Restricted Directory: A vulnerability exists in the asset upload functionality that allows users to upload files to directories outside of the intended temporary directory.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Productos afectados
Mautic · mautic/core¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →