CVE-2021-40886
Published
CVSS v3
6.5
MEDIUM
CVSS v2
4
MEDIUM
Affected
1
PROJECT
Description
Projectsend version r1295 is affected by a directory traversal vulnerability. A user with Uploader role can add value `2` for `chunks` parameter to bypass `fileName` sanitization.
ProjectSend is a free, open source software that lets you share files with your clients, focused on ease of use and privacy. It supports clients groups, system users roles, statistics, multiple languages, detailed logs... and much more!
GitHub