2 matches found
CVE-2021-47746
NodeBB Plugin Emoji 3.2.1 contains an arbitrary file write vulnerability that allows administrative users to write files to arbitrary system locations through the emoji upload API. Attackers with admin access can craft file upload requests with directory traversal to overwrite system files by...
Emoji for NodeBB security vulnerability
Emoji for NodeBB is an emoji plugin developed by NodeBB. Version 3.2.1 of Emoji for NodeBB contains a security vulnerability. This vulnerability stems from the possibility of arbitrary file writing through the emoji upload API, which could lead to overwriting system files...