Описание
HCL MyXalytics is affected by a malicious file upload vulnerability. The application accepts invalid file uploads, including incorrect content types, double extensions, null bytes, and special characters, allowing attackers to upload and execute malicious files.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:hcltech:dryice_myxalytics:6.3:*:*:*:*:*:*:*
EPSS
Процентиль: 49%
0.00259
Низкий
1.6 Low
CVSS3
9.8 Critical
CVSS3
Дефекты
CWE-434
CWE-434
Связанные уязвимости
CVSS3: 1.6
github
около 1 года назад
HCL MyXalytics is affected by a malicious file upload vulnerability. The application accepts invalid file uploads, including incorrect content types, double extensions, null bytes, and special characters, allowing attackers to upload and execute malicious files.
EPSS
Процентиль: 49%
0.00259
Низкий
1.6 Low
CVSS3
9.8 Critical
CVSS3
Дефекты
CWE-434
CWE-434