CVE-2021-23772

Published: 2021-12-24T12:15Z

Last Modified: 2024-11-21T05:51Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

This affects all versions of package github.com/kataras/iris; all versions of package github.com/kataras/iris/v12. The unsafe handling of file names during upload using UploadFormFiles method may enable attackers to write to arbitrary locations outside the designated target folder. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt