Security Advisory

CVE-2022-39036

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-11-10 02:20:44

Last updated 2025-05-01 19:06:40

Assigner twcert

State PUBLISHED

Description

The file upload function of Agentflow BPM has insufficient filtering for special characters in URLs. An unauthenticated remote attacker can exploit this vulnerability to upload arbitrary file and execute arbitrary code to manipulate system or disrupt service.

← Browse all CVEs View on cve.org ↗