CVE-2023-49801 | Lif-Platforms Lif-Auth-Server up to 1.3.x get_pfp/get_banner path traversal (GHSA-3v77-pvqq-qg3f)

Posted by Angelo Barbosa | Jan 12, 2024 | CVE

A vulnerability, which was classified as problematic, was found in Lif-Platforms Lif-Auth-Server up to 1.3.x. Affected is the function get_pfp/get_banner. The manipulation leads to relative path traversal.

This vulnerability is traded as CVE-2023-49801. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-49801 | Lif-Platforms Lif-Auth-Server up to 1.3.x get_pfp/get_banner path traversal (GHSA-3v77-pvqq-qg3f)

Related Posts

CVE-2024-9104 | UltimateAI Plugin up to 2.8.3 on WordPress unverified password change

CVE-2024-5478 | lunary-ai lunary up to 1.2.7 cross site scripting

CVE-2023-47320 | Silverpeas Core up to 6.3.1 Maintenance Mode access control

CVE-2024-1540 | gradio-app gradio CI command injection