CVE-2023-49801 | Lif-Platforms Lif-Auth-Server up to 1.3.x get_pfp/get_banner path traversal (GHSA-3v77-pvqq-qg3f)

Posted by Angelo Barbosa | Jan 12, 2024 | CVE

A vulnerability, which was classified as problematic, was found in Lif-Platforms Lif-Auth-Server up to 1.3.x. Affected is the function get_pfp/get_banner. The manipulation leads to relative path traversal.

This vulnerability is traded as CVE-2023-49801. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-49801 | Lif-Platforms Lif-Auth-Server up to 1.3.x get_pfp/get_banner path traversal (GHSA-3v77-pvqq-qg3f)

Related Posts

Ivanti Secure Access Client Request Local Privilege Escalation

CVE-2024-1171 | wpdevteam Essential Addons for Elementor Plugin up to 5.9.8 on WordPress Filterable Gallery Widget cross site scripting

CVE-2024-37018 | OpenDaylight 0.15.3 Discovery Packet unknown vulnerability

CVE-2024-4943 | Blocksy Plugin up to 2.0.46 on WordPress cross site scripting