Arbitrary File Upload Vulnerability in Jaspersoft Clarity PPM Version 14.3.0.298 via Profile Picture Upload Function

Arbitrary File Upload Vulnerability in Jaspersoft Clarity PPM Version 14.3.0.298 via Profile Picture Upload Function

CVE-2023-37790 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Jaspersoft Clarity PPM version 14.3.0.298 was discovered to contain an arbitrary file upload vulnerability via the Profile Picture Upload function.

Learn more about our Web Application Penetration Testing UK.