Dext5: >> Dext5 >> 3.5.1402961 Security Vulnerabilities
A vulnerability (improper input validation) in the DEXT5 Upload solution allows an unauthenticated attacker to download and execute an arbitrary file via AddUploadFile, SetSelectItem, DoOpenFile function.(CVE-2020-7832)
CVSS Score
8.8
EPSS Score
0.008
Published
2021-09-07
handler/upload_handler.jsp in DEXT5 Editor through 3.5.1402961 allows an attacker to download arbitrary files via the savefilepath field.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-06-07