Unrestricted File Upload Vulnerability in Streampark

Unrestricted File Upload Vulnerability in Streampark

CVE-2022-45802 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Streampark allows any users to upload a jar as application, but there is no mandatory verification of the uploaded file type, causing users to upload some high-risk files, and may upload them to any directory, Users of the affected versions should upgrade to Apache StreamPark 2.0.0 or later

Learn more about our Cis Benchmark Audit For Apache Http Server.