Количество 2
Количество 2
CVE-2019-17352
In JFinal cos before 2019-08-13, as used in JFinal 4.4, there is a vulnerability that can bypass the isSafeFile() function: one can upload any type of file. For example, a .jsp file may be stored and almost immediately deleted, but this deletion step does not occur for certain exceptions.
GHSA-279p-pc38-xx4p
JFinal file validation vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-17352 In JFinal cos before 2019-08-13, as used in JFinal 4.4, there is a vulnerability that can bypass the isSafeFile() function: one can upload any type of file. For example, a .jsp file may be stored and almost immediately deleted, but this deletion step does not occur for certain exceptions. | CVSS3: 7.5 | 0% Низкий | больше 6 лет назад |
| GHSA-279p-pc38-xx4p JFinal file validation vulnerability | CVSS3: 7.5 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу