Security Advisory

CVE-2013-6234

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-11-22 18:46:25

Last updated 2024-08-06 17:38:59

Assigner mitre

State PUBLISHED

Description

Unrestricted file upload vulnerability in the Worksheet designer in SpagoBI before 4.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory, aka "XSS File Upload."

← Browse all CVEs View on cve.org ↗