IBM Leads 7.x, 8.1.0 prior to 8.1.0.14, 8.2, 8.5.0 prior to 8.5.0.7.3, 8.6.0 prior to 8.6.0.8.1, 9.0.0 up to and including 9.0.0.4, 9.1.0 prior to 9.1.0.6.1, and 9.1.1 prior to 9.1.1.0.2 allows remote authenticated users to bypass intended file-upload restrictions via a modified extension.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm leads 9.1.1 |
||
ibm leads 7.1.0 |
||
ibm leads 8.5.0 |
||
ibm leads 9.0.0 |
||
ibm leads 7.1.1 |
||
ibm leads 7.5.0 |
||
ibm leads 8.1.0 |
||
ibm leads 8.2.0 |
||
ibm leads 8.6.0 |
||
ibm leads 9.1.0 |