CVE-2020-11476

CVE-2020-11476

EPSS 2.9%

Concrete5 before 8.5.3 allows Unrestricted Upload of File with Dangerous Type such as a .phar file.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/concrete5/concrete5/pull/8713 https://github.com/concrete5/concrete5/releases/tag/8.5.3 https://herolab.usd.de/security-advisories/https://herolab.usd.de/security-advisories/usd-2020-0041/