Unrated severityNVD Advisory· Published Jun 5, 2020· Updated Aug 4, 2024
CVE-2020-12849
CVE-2020-12849
Description
Pydio Cells 2.0.4 allows any user to upload a profile image to the web application, including standard and shared user roles. These profile pictures can later be accessed directly with the generated URL by any unauthenticated or authenticated user.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Pydio/Pydio Cellsdescription
Patches
Vulnerability mechanics
References
3- packetstormsecurity.com/files/158002/Pydio-Cells-2.0.4-XSS-File-Write-Code-Execution.htmlmitrex_refsource_MISC
- www.coresecurity.com/advisoriesmitrex_refsource_MISC
- www.coresecurity.com/core-labs/advisories/pydio-cells-204-multiple-vulnerabilitiesmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.