CVE-2021-23427

Published: 2021-09-01T15:15Z

Last Modified: 2024-11-21T05:51Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

This affects all versions of package elFinder.NetCore. The ExtractAsync function within the FileSystem is vulnerable to arbitrary extraction due to insufficient validation. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt