CVE

CVE-2021-23427

CVE-2021-23427

This affects all versions of package elFinder.NetCore. The ExtractAsync function within the FileSystem is vulnerable to arbitrary extraction due to insufficient validation.

Source: CVE-2021-23427

Exit mobile version