2 matches found
CVE-2023-24720
An arbitrary file upload vulnerability in readium-js v0.32.0 allows attackers to execute arbitrary code via uploading a crafted EPUB file...
CVE-2023-24720
This CVE concerns readium-js v0.32.0, where an arbitrary file upload vulnerability could allow attackers to execute arbitrary code by uploading a crafted EPUB file. The NVD entry assigns CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, base score 9.8 (CRITICAL), indicating a network-attack, no pri...