Arbitrary File Write Vulnerability in ureport2 2.2.9 and Earlier: Unauthorized File Manipulation via Crafted POST Request
CVE-2023-50090 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Arbitrary File Write vulnerability in the saveReportFile method of ureport2 2.2.9 and before allows attackers to write arbitrary files and run arbitrary commands via crafted POST request.
Learn more about our Web Application Penetration Testing UK.