← Back to CVE List
CVE-2023-29770
Published:
2023-11-28T00:15Z
Last Modified:
2024-11-21T07:57Z
Source:
MITRE CVE List
License:
MITRE-CVE-TOS
In Sentrifugo 3.5, the AssetsController::uploadsaveAction function allows an authenticated attacker to upload any file without extension filtering. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt