CVE-2025-11221 Remote Code Execution in GTONE ChangeFlow

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal', Unrestricted Upload of File with Dangerous Type vulnerability in GTONE ChangeFlow allows Path Traversal, Accessing Functionality Not Properly Constrained by ACLs.This issue affects ChangeFlow: from All versions through...

GTONE ChangeFlow 安全漏洞

GTONE ChangeFlow is an application change management software from GTONE Korea. A security vulnerability exists in GTONE ChangeFlow v9.0.1.1 and prior versions, which stems from improper pathname restrictions and unrestricted uploads of dangerous file types, which could lead to improper path...