A vulnerability classified as critical was found in VvvebJs up to 1.7.4. This vulnerability affects unknown code of the file save.php. The manipulation of the argument sanitizeFileName leads to Remote Code Execution.
This vulnerability was named CVE-2024-29272. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.