CVE-2024-29399 reference
CVE-2024-29399 Vulnerability Details Overview In Savane v313 and prior, a lack of validation on uploaded files can allow for privilege escalation Web servers configured according to the installation instructions are vulnerable to Cross-Site Scripting (XSS) In misconfigured web servers this can lead to Remote Code Execution (RCE) CWE Classification: CWE-434: Unrestricted Upl