Incorrect input validation for the default-storage-path in the settings page in Jedox 2020.2.5 allows remote, authenticated users to specify the location as Webroot directory. Consecutive file uploads can lead to the execution of arbitrary code.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jedox jedox 2020.2.5 |