Security Advisory

CVE-2025-56815

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-09-24 00:00:00

Last updated 2025-09-24 17:23:05

Assigner mitre

State PUBLISHED

Description

Datart 1.0.0-rc.3 is vulnerable to Directory Traversal in the POST /viz/image interface, since the server directly uses MultipartFile.transferTo() to save the uploaded file to a path controllable by the user, and lacks strict verification of the file name.

← Browse all CVEs View on cve.org ↗