This flaw made it possible for unauthenticated attackers to upload arbitrary files and achieve remote code execution.
Set-up quiz that accepts file uploads, then upload file and change content-type to one set as approved.
CPE | Name | Operator | Version |
---|---|---|---|
quiz-master-next | lt | 7.0.1 |