CVE-2025-21622 | MacWarrior clipbucket-v5 up to 5.5.1-236 Avatar Upload avatar_url path traversal

Posted by Angelo Barbosa | Jan 7, 2025 | CVE

A vulnerability has been found in MacWarrior clipbucket-v5 up to 5.5.1-236 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Avatar Upload Handler. The manipulation of the argument avatar_url leads to path traversal.

This vulnerability is known as CVE-2025-21622. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-21622 | MacWarrior clipbucket-v5 up to 5.5.1-236 Avatar Upload avatar_url path traversal

Related Posts

CVE-2024-2014 | Panabit Panalog 202103080942 sprog_upstatus.php id sql injection

CVE-2024-33972 | Janobe School Attendance Monitoring System 1.0 /report/event_print.php events sql injection

CVE-2024-31351 | Copymatic Plugin up to 1.6 on WordPress unrestricted upload

CVE-2024-38518 | BigBlueButton up to 2.6.17/2.7.7/3.0.0-alpha6 access control (GHSA-4m48-49h7-f3c4)