CVE-2023-31541

A unrestricted file upload vulnerability was discovered in the ‘Browse and upload images’ feature of the CKEditor v1.2.3 plugin for Redmine, which allows arbitrary files to be uploaded to the server. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt