This affects all versions of package... CVE-2021-23428

7.5 AV AC AU C I A
发布: 2021-09-01
修订: 2024-11-21

This affects all versions of package elFinder.NetCore. The Path.Combine(...) method is used to create an absolute file path. Due to missing sanitation of the user input and a missing check of the generated path its possible to escape the Files directory via path traversal

0%
暂无可用Exp或PoC
当前有1条受影响产品信息