Unrestricted file upload vulnerability in the Worksheet designer in SpagoBI before 4.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory, aka "XSS File Upload."
Advisories
Source ID Title
EUVD EUVD EUVD-2013-6063 Unrestricted file upload vulnerability in the Worksheet designer in SpagoBI before 4.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory, aka "XSS File Upload."
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-06T17:38:59.393Z

Reserved: 2013-10-21T00:00:00

Link: CVE-2013-6234

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-11-22T19:15:11.500

Modified: 2024-11-21T01:58:53.890

Link: CVE-2013-6234

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.