CVE-2024-41454

Publication date

2025-01-15 00:00:00

Family

mitre

State

PUBLISHED

Description

An arbitrary file upload vulnerability in the UI login page logo upload function of Process Maker pm4core-docker 4.1.21-RC7 allows attackers to execute arbitrary code via uploading a crafted PHP or HTML file.