Security Advisory

CVE-2020-13241

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-05-20 18:53:38
Last updated 2024-08-04 12:11:19
Assigner mitre
State PUBLISHED

Description

Microweber 1.1.18 allows Unrestricted File Upload because admin/view:modules/load_module:users#edit-user=1 does not verify that the file extension (used with the Add Image option on the Edit User screen) corresponds to an image file.