Security Advisory

CVE-2024-30248

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-04-02 14:55:17

Last updated 2024-08-02 01:32:05

Assigner GitHub_M

State PUBLISHED

Description

Piccolo Admin is an admin interface/content management system for Python, built on top of Piccolo. Piccolos admin panel allows media files to be uploaded. As a default, SVG is an allowed file type for upload. An attacker can upload an SVG which when loaded can allow arbitrary access to the admin page. This vulnerability was patched in version 1.3.2.

← Browse all CVEs View on cve.org ↗