CVE-2019-7684
The CVE-2019-7684 entry describes a vulnerability in inxedu (through 2018-12-24) where the file upload logic in VideoUploadController#gok4 (com/inxedu/os/common/controller/VideoUploadController.java) uses the /video/uploadvideo fileType parameter to control allowed extensions. An attacker can mod...