Go back

SPIP Bigup Multipart File Upload Command Injection

severity
critical
date
Affecting

  • 4.3.0 - 4.3.1

  • 4.2.0 - 4.2.15

  • Before 4.1.18

CVE
CVE-2024-8517
CVE type
Reliance on File Name or Extension of Externally-Supplied File
CVSS
9.8
CVSS V3 Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Credit
Louka Jacques-Chevallier