High severityNVD Advisory· Published Jun 19, 2023· Updated Dec 11, 2024
CVE-2023-35840
CVE-2023-35840
Description
_joinPath in elFinderVolumeLocalFileSystem.class.php in elFinder before 2.1.62 allows path traversal in the PHP LocalVolumeDriver connector.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
studio-42/elfinderPackagist | < 2.1.62 | 2.1.62 |
Affected products
2- elFinder/elFinderdescription
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.