mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-30 18:56:19 +00:00
997 B
997 B
CVE-2021-23772
Description
This affects all versions of package github.com/kataras/iris; all versions of package github.com/kataras/iris/v12. The unsafe handling of file names during upload using UploadFormFiles method may enable attackers to write to arbitrary locations outside the designated target folder.
POC
Reference
- https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMKATARASIRIS-2325169
- https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMKATARASIRISV12-2325170