CVE-2021-29022

CVE-2021-29022

EPSS 1.0%

In InvoicePlane 1.5.11, the upload feature discloses the full path of the file upload directory.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://notnnor.github.io/research/2021/03/17/full-path-discloure-in-invoiceplane.html