| |
Vulnerability CVE-2022-47878
Published: 2023-05-02
| Description: |
Incorrect input validation for the default-storage-path in the settings page in Jedox 2020.2.5 allows remote, authenticated users to specify the location as Webroot directory. Consecutive file uploads can lead to the execution of arbitrary code. |
References: |
https://docs.syslifters.com/assets/vulnerability-disclosure/Vulnerability-Disclosure-Jedox-Jedox-04-2023.pdf
|
|
|
Copyright 2026, cxsecurity.com
|
|
|
