Vulnerability — CVE-2022-4511

CVE-2022-4511

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2022-4511
Description:: A vulnerability has been found in RainyGao DocSys and classified as critical. Affected by this vulnerability is an unknown functionality of the component com.DocSystem.controller.UserController#getUserImg. The manipulation leads to path traversal: '../filedir'. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-215851.
Last updated date:: 12/20/2022

Type:: exploit
Confidence:: HIGH
Date of publishing:: 12/20/2022
Reference url to background: https://gitee.com/RainyGao/DocSys/issues/I66A3V