Security Advisory

CVE-2021-23427

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-09-01 14:30:17
Last updated 2024-09-16 16:38:08
Assigner snyk
State PUBLISHED

Description

This affects all versions of package elFinder.NetCore. The ExtractAsync function within the FileSystem is vulnerable to arbitrary extraction due to insufficient validation.