CVE-2018-13299

Publication date

2019-04-01 14:31:19

Family

synology

State

PUBLISHED

Description

Relative path traversal vulnerability in Attachment Uploader in Synology Calendar before 2.2.2-0532 allows remote authenticated users to upload arbitrary files via the filename parameter.