Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Unrestricted Upload of File with Dangerous Type vulnerabilities exist in the rich text editor and document manage components in CIPPlanner CIPAce before 9.17. An authorized user can upload executable files when inserting images in the rich text editor, and upload executable files when uploading files on the document management page. Those executables can be executed if they are not stored in a shared directory or if the storage directory has executed permissions.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
CIPPlanner CIPAce 安全漏洞
Vulnerability Description
CIPPlanner CIPAce是美国CIPPlanner公司的一套业务流程自动化和应用程序开发平台。 CIPPlanner CIPAce 9.17之前版本存在安全漏洞,该漏洞源于富文本编辑器及文档管理组件允许上传危险类型文件,可能导致执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A