3 matches found
CVE-2025-30343
creationtimestamp| type| source ---|---|--- 2025-03-21 06:21:43+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8318 2025-03-21 07:37:07+00:00| seen| https://t.me/cvedetector/20790 2025-03-21 09:18:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkuuyosqw...
CVE-2025-30343
A directory traversal issue was discovered in OpenSlides before 4.2.5. Files can be uploaded to OpenSlides meetings and organized in folders. The interface allows users to download a ZIP archive that contains all files in a folder and its subfolders. If an attacker specifies the title of a file o...
CVE-2025-30343
Summary: CVE-2025-30343 affects OpenSlides prior to version 4.2.5. Vulnerability: A directory traversal issue in the file upload and ZIP-download feature allows a crafted file/folder title (e.g., ../../../etc/passwd) to be treated as a path during ZIP generation, which may lead to overwriting fil...