Eyodav/OpenPLC-Insecure-File-Upload
GitHub
Releases0
Authenticated users can upload arbitrary files (e.g. .html, .svg) as profile images in OpenPLC Runtime. These files are publicly accessible without authentication, allowing stored XSS or malicious content delivery .
Subscribe above to receive notifications when new versions are released.
| Version | Date | Stability Stability is determined by the version string and my be inaccurate. |
|---|
PreviousNext