CVE-2020-13894

Published June 7th, 2020

View on NVD ↗

CVSS v3

7.5

HIGH

CVSS v2

5

MEDIUM

Affected

1

PROJECT

Description

handler/upload_handler.jsp in DEXT5 Editor through 3.5.1402961 allows an attacker to download arbitrary files via the savefilepath field.

kbgsft/vuln-dext5editor

GitHub