Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
CKEditor Unrestricted Upload of File with Dangerous Type Vulnerability - CVE-2023-31541 - Vulnerability Database
CKEditor

CKEditor Unrestricted Upload of File with Dangerous Type Vulnerability - CVE-2023-31541

Critical
Reference: CVE-2023-31541
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2023-31541
Title: CKEditor Unrestricted Upload of File with Dangerous Type Vulnerability
Overview:

A unrestricted file upload vulnerability was discovered in the Browse and upload images feature of the CKEditor v1.2.3 plugin for Redmine which allows arbitrary files to be uploaded to the server.