Security Advisory

CVE-2019-14280

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-07-26 03:52:46

Last updated 2024-08-05 00:12:42

Assigner mitre

State PUBLISHED

Description

In some circumstances, Craft 2 before 2.7.10 and 3 before 3.2.6 wasnt stripping EXIF data from user-uploaded images when it was configured to do so, potentially exposing personal/geolocation data to the public.

← Browse all CVEs View on cve.org ↗