CKEditor Unrestricted Upload of File with Dangerous Type Vulnerability - CVE-2023-31541
A unrestricted file upload vulnerability was discovered in the Browse and upload images feature of the CKEditor v1.2.3 plugin for Redmine which allows arbitrary files to be uploaded to the server.