4 matches found
CVE-2023-33690
SonicJS up to v0.7.0 allows attackers to execute an authenticated path traversal when an attacker injects special characters into the filename of a backup CMS...
CVE-2023-33690
SonicJS up to v0.7.0 allows attackers to execute an authenticated path traversal when an attacker injects special characters into the filename of a backup CMS...
CVE-2023-33690
SonicJS up to v0.7.0 allows attackers to execute an authenticated path traversal when an attacker injects special characters into the filename of a backup CMS...
CVE-2023-33690
Summary: SonicJS v0.7.0 and earlier are affected by an authenticated path traversal via special characters injected into the backup CMS filename. Evidence across multiple sources identifies the issue as a filename-injection vulnerability leading to path traversal. Impact: authenticated access cou...