An issue exists in ThoughtWorks GoCD prior to 21.3.0. An attacker who has compromised a GoCD agent can upload a malicious file into an arbitrary directory of a GoCD server, but does not control the filename.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
thoughtworks gocd |