RSS   Vulnerabilities for 'Ui for silverlight'   RSS

2020-03-31
 
CVE-2020-11414

CWE-22
 

 
An issue was discovered in Progress Telerik UI for Silverlight before 2020.1.330. The RadUploadHandler class in RadUpload for Silverlight expects a web request that provides the file location of the uploading file along with a few other parameters. The uploading file location should be inside the directory where the upload handler class is defined. Before 2020.1.330, a crafted web request could result in uploads to arbitrary locations.

 

 >>> Vendor: Telerik 8 Products
Asp.net ajax radeditor control
Ui for asp.net ajax
Analytics monitor library
Asp.net webforms report viewer
Sitefinity cms
Extensions for asp.net mvc
Radchart
Ui for silverlight


Copyright 2020, cxsecurity.com

 

Back to Top