2 matches found
CVE-2023-40497
LG Simple Editor saveXml Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2023-40497
CVE-2023-40497 – LG Simple Editor : The vulnerability lies in the saveXml command of the makeDetailContent method, where a user-supplied path is not properly validated before use in file operations. This directory traversal flaw allows an attacker to execute arbitrary code with SYSTEM privileges ...