CVE-2021-23772
Published
CVSS v3
7.5
HIGH
CVSS v2
6.8
MEDIUM
Affected
1
PROJECT
Description
This affects all versions of package github.com/kataras/iris; all versions of package github.com/kataras/iris/v12. The unsafe handling of file names during upload using UploadFormFiles method may enable attackers to write to arbitrary locations outside the designated target folder.
The fastest HTTP/2 Go Web Framework. New, modern and easy to learn. Fast development with Code you control. Unbeatable cost-performance ratio :rocket:
GitHub