Eyodav/OpenPLC-Insecure-File-Upload

Releases0

Authenticated users can upload arbitrary files (e.g. .html, .svg) as profile images in OpenPLC Runtime. These files are publicly accessible without authentication, allowing stored XSS or malicious content delivery .

Subscribe above to receive notifications when new versions are released.

	Version	Date	Stability Stability is determined by the version string and my be inaccurate.

Previous Next