CVE-2021-40886 - CERT CVE

  1. CVE-2021-40886

ID CVE-2021-40886
Sažetak Projectsend version r1295 is affected by a directory traversal vulnerability. A user with Uploader role can add value `2` for `chunks` parameter to bypass `fileName` sanitization.
Reference
CVSS
Base: 4.0
Impact: 2.9
Exploitability:8.0
Pristup
VektorSloženostAutentikacija
NETWORK LOW SINGLE
Impact
PovjerljivostCjelovitostDostupnost
NONE PARTIAL NONE
CVSS vektor AV:N/AC:L/Au:S/C:N/I:P/A:N
Zadnje važnije ažuriranje 16-10-2021 - 00:56
Objavljeno 11-10-2021 - 11:15