An arbitrary file upload vulnerability in the File Preview function of Xintongda OA v2023.12.30.1 allows attackers to execute arbitrary code via uploading a crafted PDF file.
References
Configurations
No configuration.
History
No history.
Information
Published : 2024-05-24 14:15
Updated : 2024-07-03 02:01
NVD link : CVE-2024-35595
Mitre link : CVE-2024-35595
CVE.ORG link : CVE-2024-35595
JSON object : View
Products Affected
No product.
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')