CVE-2020-5840

Publication date

2020-01-06 17:21:07

Family

mitre

State

PUBLISHED

Description

An issue was discovered in HashBrown CMS before 1.3.2. Server/Entity/Resource/Connection.js allows an attacker to reach a parent directory via a crafted name or ID field.