mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-07 11:06:19 +00:00
933 B
933 B
CVE-2020-7685
Description
This affects all versions of package UmbracoForms. When using the default configuration for upload forms, it is possible to upload arbitrary file types. The package offers a way for users to mitigate the issue. The users of this package can create a custom workflow and frontend validation that blocks certain file types, depending on their security needs and policies.
POC
Reference
- https://snyk.io/vuln/SNYK-DOTNET-UMBRACOFORMS-595765
- https://snyk.io/vuln/SNYK-DOTNET-UMBRACOFORMS-595765
Github
No PoCs found on GitHub currently.