An arbitrary file upload vulnerability in the uploadAudio method of inxedu v2024.4 allows malicious users to execute arbitrary code via uploading a crafted .jsp file.