CVE-2023-26563
- Reference to the description:
- Description:
- The Syncfusion EJ2 Node File Provider 0102271 is vulnerable to filesystem-server.js directory traversal. As a result, an unauthenticated attacker can: - On Windows, list files in any directory, read any file, delete any file, upload any file to any directory accessible by the web server. - On Linux, read any file, download any directory, delete any file, upload any file to any directory accessible by the web server.
- Last updated date:
- 07/26/2023
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 07/26/2023
- Reference url to background
https://github.com/RupturaInfoSec/CVE-2023-26563-26564-26565/