exploitDog

GHSA-78cg-rc3q-pv8q

Опубликовано: 04 мар. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

CleverStupidDog yf-exam 1.8.0 is vulnerable to File Upload. There is no restriction on the suffix of the uploaded file, resulting in any file upload.

CleverStupidDog yf-exam 1.8.0 is vulnerable to File Upload. There is no restriction on the suffix of the uploaded file, resulting in any file upload.

Ссылки

EPSS

Процентиль: 24%

0.00083

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-434

Связанные уязвимости

CVE-2023-25402

CVSS3: 7.5

nvd

почти 3 года назад

CleverStupidDog yf-exam 1.8.0 is vulnerable to File Upload. There is no restriction on the suffix of the uploaded file, resulting in any file upload.

EPSS

Процентиль: 24%

0.00083

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-434