CVE-2023-29770
Published
CVSS v3
8.8
HIGH
CVSS v2
N/A
Affected
1
PROJECT
Description
In Sentrifugo 3.5, the AssetsController::uploadsaveAction function allows an authenticated attacker to upload any file without extension filtering.
Sentrifugo is a FREE and powerful Human Resource Management System (HRMS) that can be easily configured to meet your organizational needs.
GitHub