CVE-2023-29770
In Sentrifugo 3.5, the AssetsController::uploadsaveAction function allows an authenticated attacker to upload any file without extension filtering.
8.8CVSS
8.5AI Score
0.001EPSS