An arbitrary file upload vulnerability in the profile picture upload function of Exact Synergy Enterprise 267 before 267SP13 and Exact Synergy Enterprise 500 before 500SP6 allows attackers to execute arbitrary code via a crafted SVG file.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-12-15T00:00:00
Updated: 2024-08-03T14:09:56.938Z
Reserved: 2022-11-14T00:00:00
Link: CVE-2022-45338
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-12-15T23:15:10.407
Modified: 2022-12-21T14:20:14.273
Link: CVE-2022-45338
Redhat
No data.