Security Advisory

CVE-2017-1000238

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-11-17 03:00:00

Last updated 2024-09-17 03:59:58

Assigner mitre

State PUBLISHED

Description

InvoicePlane version 1.4.10 is vulnerable to a Arbitrary File Upload resulting in an authenticated user can upload a malicious file to the webserver. It is possible for an attacker to upload a script which is able to compromise the webserver.

← Browse all CVEs View on cve.org ↗