VYPR
Unrated severityNVD Advisory· Published Dec 5, 2025· Updated Dec 5, 2025

CVE-2016-20023

CVE-2016-20023

Description

In CKSource CKFinder before 2.5.0.1 for ASP.NET, authenticated users could download any file from the server if the correct path to a file was provided.

Affected products

2
  • Cfmsource/CKFinderllm-create2 versions
    <=2.5.0.1+ 1 more
    • (no CPE)range: <=2.5.0.1
    • (no CPE)range: 2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.