6 matches found
CVE-2023-28459
pretalx 2.3.1 before 2.3.2 allows path traversal in HTML export a non-default feature. Users were able to upload crafted HTML documents that trigger the reading of arbitrary files...
CVE-2023-28459
pretalx 2.3.1 before 2.3.2 allows path traversal in HTML export a non-default feature. Users were able to upload crafted HTML documents that trigger the reading of arbitrary files...
CVE-2023-28459
pretalx 2.3.1 before 2.3.2 allows path traversal in HTML export a non-default feature. Users were able to upload crafted HTML documents that trigger the reading of arbitrary files...
CVE-2023-28459
pretalx 2.3.1 before 2.3.2 allows path traversal in HTML export a non-default feature. Users were able to upload crafted HTML documents that trigger the reading of arbitrary files...
CVE-2023-28459
Pretalx 2.3.1 up to 2.3.2 is vulnerable to path traversal in the HTML export feature. Crafted HTML documents uploaded for the non-default HTML export path can cause arbitrary file reads. The issue is tied to how the export package includes files referenced by HTML tags without proper path validat...
CVE-2023-28459
pretalx 2.3.1 before 2.3.2 allows path traversal in HTML export a non-default feature. Users were able to upload crafted HTML documents that trigger the reading of arbitrary files...