Vulnerability Database

296,137

Total vulnerabilities in the database

CVE-2022-25773

This advisory addresses a file placement vulnerability that could allow assets to be uploaded to unintended directories on the server.

  • Improper Limitation of a Pathname to a Restricted Directory: A vulnerability exists in the asset upload functionality that allows users to upload files to directories outside of the intended temporary directory.

CVSS v3:

  • Severity: Unknown
  • Score:
  • AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

CWEs:

OWASP TOP 10:

Software From Fixed in
Composer icon mautic / core - 5.2.3