Description
An issue was discovered in Znuny and Znuny LTS 6.0.31 through 6.5.7 and Znuny 7.0.1 through 7.0.16 where a logged-in user can upload a file (via a manipulated AJAX Request) to an arbitrary writable location by traversing paths. Arbitrary code can be executed if this location is publicly available through the web server.
Mitigation
Minimal update. May introduce new vulnerabilities or breaking changes.
|
 debian 12 | | =6.3.2-3 || =6.3.3-1 || =6.3.3-1~bpo11+1 || =6.3.4-1 || =6.3.4-1~bpo11+1 || =6.4.2-1 || =6.4.2-1~bpo11+1 || =6.4.2-2 || =6.4.3-1 || =6.4.3-1~bpo11+1 || =6.4.4-1 || =6.4.5-1 || =6.4.5-1~bpo11+1 || =6.4.5-2 || =6.5.1-1 || =6.5.10-1 || =6.5.10-1~bpo12+1 || =6.5.11-1 || =6.5.11-1~bpo12+1 || =6.5.13-1 || =6.5.14-1 || =6.5.14-1~bpo12+1 || =6.5.15-1 || =6.5.15-2 || =6.5.15-2~bpo12+1 || =6.5.16-1 || =6.5.18-1 || =6.5.18-1~bpo13+1 || =6.5.19-1 || =6.5.3-1 || =6.5.3-1~bpo12+1 || =6.5.4-1 || =6.5.4-1~bpo12+1 || =6.5.5-1 || =6.5.5-1~bpo12+1 || =6.5.6-1 || =6.5.6-1~bpo12+1 || =6.5.8-1 || =6.5.8-1~bpo12+1 || =6.5.9-1 || =6.5.9-1~bpo12+1 | - |
debian 13 | | =6.3.2-3 || =6.3.3-1 || =6.3.3-1~bpo11+1 || =6.3.4-1 || =6.3.4-1~bpo11+1 || =6.4.2-1 || =6.4.2-1~bpo11+1 || =6.4.2-2 || =6.4.3-1 || =6.4.3-1~bpo11+1 || =6.4.4-1 || =6.4.5-1 || =6.4.5-1~bpo11+1 || =6.4.5-2 || =6.5.1-1 || =6.5.3-1 || =6.5.3-1~bpo12+1 || =6.5.4-1 || =6.5.4-1~bpo12+1 || =6.5.5-1 || =6.5.5-1~bpo12+1 || =6.5.6-1 || =6.5.6-1~bpo12+1 || =6.5.8-1~bpo12+1 || >=0 <6.5.8-1 | 6.5.8-1 |
debian 14 | | =6.3.2-3 || =6.3.3-1 || =6.3.3-1~bpo11+1 || =6.3.4-1 || =6.3.4-1~bpo11+1 || =6.4.2-1 || =6.4.2-1~bpo11+1 || =6.4.2-2 || =6.4.3-1 || =6.4.3-1~bpo11+1 || =6.4.4-1 || =6.4.5-1 || =6.4.5-1~bpo11+1 || =6.4.5-2 || =6.5.1-1 || =6.5.3-1 || =6.5.3-1~bpo12+1 || =6.5.4-1 || =6.5.4-1~bpo12+1 || =6.5.5-1 || =6.5.5-1~bpo12+1 || =6.5.6-1 || =6.5.6-1~bpo12+1 || =6.5.8-1~bpo12+1 || >=0 <6.5.8-1 | 6.5.8-1 |
