Cesanta: >> Mongoose >> 7.1 Security Vulnerabilities
This affects the package cesanta/mongoose before 7.6. The unsafe handling of file names during upload using mg_http_upload() method may enable attackers to write files to arbitrary locations outside the designated target folder.
CVSS Score
9.8
EPSS Score
0.014
Published
2022-02-18
Page 3