CVE

CVE-2023-35840

CVE-2023-35840

_joinPath in elFinderVolumeLocalFileSystem.class.php in elFinder before 2.1.62 allows path traversal in the PHP LocalVolumeDriver connector.

Source: CVE-2023-35840

Exit mobile version