CVE-2017-1000238

Published: 2017-11-17T03:29Z

Last Modified: 2024-11-21T03:04Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

InvoicePlane version 1.4.10 is vulnerable to a Arbitrary File Upload resulting in an authenticated user can upload a malicious file to the webserver. It is possible for an attacker to upload a script which is able to compromise the webserver. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt