CVE

CVE-2021-23415

CVE-2021-23415

This affects the package elFinder.AspNet before 1.1.1.
The user-controlled file name is not properly sanitized before it is used to create a file system path.

Source: CVE-2021-23415

Exit mobile version