|
IlohaMail Arbitrary File Attachment Upload Path Vulnerability
Vulnerable versions of IlohaMail do not sufficiently check the upload path for file attachments when a message is composed. As a result, a malicious user of the webmail system may be able to place a file on the host in any location which is writeable by the webserver process. It is also possible that local files may be overwritten by the malicious file attachment. |
|
|
Privacy Statement |
