CVE-2024-13201 | wander-chu SpringBoot-Blog 1.0 Admin Attachment AttachtController.java upload file unrestricted upload

A vulnerability has been found in wander-chu SpringBoot-Blog 1.0 and classified as critical. This vulnerability affects the function upload of the file src/main/java/com/my/blog/website/controller/admin/AttachtController.java of the component Admin Attachment Handler. The manipulation of the argument file leads to unrestricted upload.

This vulnerability was named CVE-2024-13201. The attack can be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-13201 | wander-chu SpringBoot-Blog 1.0 Admin Attachment AttachtController.java upload file unrestricted upload

Related Posts

CVE-2024-23222 | Apple visionOS up to 1.0.1 WebKit type confusion (HT214070)

CVE-2024-34818 | WebinarPress Plugin up to 1.33.17 on WordPress cross-site request forgery

CVE-2024-12644 | Chunghwa Telecom tbm-client up to 0.3.20 cross-site request forgery

CVE-2023-52345 | Unisoc S8000 Modem Driver information disclosure