Critical severity9.8NVD Advisory· Published Nov 10, 2022· Updated Jun 17, 2026
CVE-2022-39036
CVE-2022-39036
Description
The file upload function of Agentflow BPM has insufficient filtering for special characters in URLs. An unauthenticated remote attacker can exploit this vulnerability to upload arbitrary file and execute arbitrary code to manipulate system or disrupt service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: 4.0.0.1183.552
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.