CKEditor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-31541)
Description
A unrestricted file upload vulnerability was discovered in the ‘Browse and upload images’ feature of the CKEditor v1.2.3 plugin for Redmine, which allows arbitrary files to be uploaded to the server.