VYPR
Moderate severityNVD Advisory· Published Feb 26, 2025· Updated Mar 12, 2025

Relative Path Traversal in assets file upload

CVE-2022-25773

Description

This advisory addresses a file placement vulnerability that could allow assets to be uploaded to unintended directories on the server.

  • Improper Limitation of a Pathname to a Restricted Directory: A vulnerability exists in the asset upload functionality that allows users to upload files to directories outside of the intended temporary directory.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
mautic/corePackagist
< 5.2.35.2.3

Affected products

2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.