CVE-2020-18190
Published
CVSS v3
9.1
CRITICAL
CVSS v2
6.4
MEDIUM
Affected
1
PROJECT
Description
Bludit v3.8.1 is affected by directory traversal. Remote attackers are able to delete arbitrary files via /admin/ajax/upload-profile-picture.
Bludit v3.8.1 is affected by directory traversal. Remote attackers are able to delete arbitrary files via /admin/ajax/upload-profile-picture.
GitHub