3 matches found
CVE-2022-38638
Casdoor v1.97.3 was discovered to contain an arbitrary file write vulnerability via the fullFilePath parameter at /api/upload-resource...
CVE-2022-38638
Casdoor v1.97.3 was discovered to contain an arbitrary file write vulnerability via the fullFilePath parameter at /api/upload-resource...
CVE-2022-38638
Casdoor v1.97.3 is affected by an arbitrary file-write vulnerability exploitable via the fullFilePath parameter in /api/upload-resource. The CVE-2022-38638 entry is rated CRITICAL (CVSS 3.1: AV=N, AC=L, PR=N, UI=N, S=U, C=N, I=H, A=H) with network access and no user interaction. Root cause, impac...