CVE-2024-25859
Blesta (before v5.9.2) is affected by CVE-2024-25859 due to a path traversal in the /path/to/uploads/ directory. The vulnerability allows an attacker to takeover user accounts and execute arbitrary code. Affected versions are prior to 5.9.2. Mitigation: upgrade to Blesta 5.9.2 or later. As a temp...