Schneider Electric U.motion Builder file_picker remote code execution vulnerability
U.motion Builder is a builder product from Schneider Electric France. A remote code execution vulnerability exists in Schneider Electric U.motion Builder filepicker. The user-specified upload path is not constrained, so any logged-in user can upload a file to any location in the system that is...