CVE-2021-46897

Published October 22nd, 2023

View on NVD ↗

CVSS v3

6.5

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

views.py in Wagtail CRX CodeRed Extensions (formerly CodeRed CMS or coderedcms) before 0.22.3 allows upward protected/..%2f..%2f path traversal when serving protected media.

coderedcorp/coderedcms

Wagtail + CodeRed Extensions enabling rapid development of marketing-focused websites.

GitHub

765