Critical severity9.8NVD Advisory· Published Oct 14, 2021· Updated Jun 17, 2026
CVE-2021-42342
CVE-2021-42342
Description
An issue was discovered in GoAhead 4.x and 5.x before 5.1.5. In the file upload filter, user form variables can be passed to CGI scripts without being prefixed with the CGI prefix. This permits tunneling untrusted environment variables into vulnerable CGI scripts.
Affected products
2- GoAhead/GoAheaddescription
Patches
Vulnerability mechanics
References
1- github.com/embedthis/goahead/issues/305nvdThird Party Advisory
News mentions
0No linked articles in our index yet.