CVE-2019-12901

Published: 2019-06-20T00:15Z

Last Modified: 2024-11-21T04:23Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Pydio Cells before 1.5.0 fails to neutralize '../' elements, allowing an attacker with minimum privilege to Upload files to, and Delete files/folders from, an unprivileged directory, leading to Privilege escalation. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt