Unauthenticated Arbitrary File Upload Vulnerability in Symphony CMS Rich Text Formatter Extension

Unauthenticated Arbitrary File Upload Vulnerability in Symphony CMS Rich Text Formatter Extension

CVE-2019-13187 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The Rich Text Formatter (Redactor) extension through v1.1.1 for Symphony CMS has an Unauthenticated arbitrary file upload vulnerability in content.fileupload.php and content.imageupload.php.

Learn more about our Cms Pen Testing.