Описание
/edit-user in webserver in OpenPLC Runtime 3 through 9cd8f1b allows authenticated users to upload arbitrary files (such as .html or .svg), and these are then publicly accessible under the /static URI.
EPSS
Процентиль: 13%
0.00042
Низкий
6.4 Medium
CVSS3
Дефекты
CWE-434
Связанные уязвимости
CVSS3: 6.4
github
6 месяцев назад
/edit-user in webserver in OpenPLC Runtime 3 through 9cd8f1b allows authenticated users to upload arbitrary files (such as .html or .svg), and these are then publicly accessible under the /static URI.
EPSS
Процентиль: 13%
0.00042
Низкий
6.4 Medium
CVSS3
Дефекты
CWE-434