Описание
User provided uploads to the Easy Discuss component for Joomla aren't properly validated. Uploads are purely checked by file extensions, no mime type checks are happening.
Ссылки
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 1.0.0 (включая) до 5.0.15 (включая)
cpe:2.3:a:stackideas:easydiscuss:*:*:*:*:*:joomla\!:*:*
EPSS
Процентиль: 15%
0.00047
Низкий
8.8 High
CVSS3
Дефекты
CWE-434
Связанные уязвимости
CVSS3: 8.8
github
22 дня назад
User provided uploads to the Easy Discuss component for Joomla aren't properly validated. Uploads are purely checked by file extensions, no mime type checks are happening.
EPSS
Процентиль: 15%
0.00047
Низкий
8.8 High
CVSS3
Дефекты
CWE-434