pretalx 2.3.1 before 2.3.2 allows... CVE-2023-28459

- AV AC AU C I A
发布: 2023-04-20
修订: 2023-05-04

pretalx 2.3.1 before 2.3.2 allows path traversal in HTML export (a non-default feature). Users were able to upload crafted HTML documents that trigger the reading of arbitrary files.

0%

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有1条受影响产品信息