File Path Disclosure Vulnerability in InvoicePlane 1.5.11

File Path Disclosure Vulnerability in InvoicePlane 1.5.11

CVE-2021-29022 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

In InvoicePlane 1.5.11, the upload feature discloses the full path of the file upload directory.

Learn more about our Web Application Penetration Testing UK.