Vulnerability Details CVE-2023-29635
File upload vulnerability in Antabot White-Jotter v0.2.2, allows remote attackers to execute malicious code via the file parameter to function coversUpload.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.1%
CVSS Severity
CVSS v3 Score 9.8
References
- https://github.com/Antabot/White-Jotter/blob/c1c5d66fda090b986b8f46a7132d403e3b038c5d/wj/src/main/java/com/gm/wj/controller/LibraryController.java#L63
- https://github.com/Antabot/White-Jotter/issues/157
- https://github.com/Antabot/White-Jotter/blob/c1c5d66fda090b986b8f46a7132d403e3b038c5d/wj/src/main/java/com/gm/wj/controller/LibraryController.java#L63
- https://github.com/Antabot/White-Jotter/issues/157
Products affected by CVE-2023-29635
-
cpe:2.3:a:antabot_white-jotter_project:antabot_white-jotter:0.2.2