CVE-2023-3815

A vulnerability, which was classified as problematic, has been found in yproject RuoYi up to 4.7.7. Affected by this issue is the function uploadFilesPath of the component File Upload. The manipulation of the argument originalFilenames leads to cross site scripting. The attack may be launched...

CVE-2023-3815

CVE-2023-3815 affects y_project RuoYi (up to 4.7.7). The vulnerability is in the File Upload component, specifically the function uploadFilesPath where manipulation of the originalFilenames argument leads to cross-site scripting. The issue can be exploited remotely and does not require authentica...

CVE-2023-3815 y_project RuoYi File Upload uploadFilesPath cross site scripting

A vulnerability, which was classified as problematic, has been found in yproject RuoYi up to 4.7.7. Affected by this issue is the function uploadFilesPath of the component File Upload. The manipulation of the argument originalFilenames leads to cross site scripting. The attack may be launched...

PT-2023-26321 · Unknown · Y Project Ruoyi

Name of the Vulnerable Software and Affected Versions: y project RuoYi versions up to 4.7.7 Description: A vulnerability has been found in the function uploadFilesPath of the component File Upload. The manipulation of the argument originalFilenames leads to cross site scripting. The attack may be...