VYPR
High severityNVD Advisory· Published Jun 19, 2023· Updated Dec 11, 2024

CVE-2023-35840

CVE-2023-35840

Description

_joinPath in elFinderVolumeLocalFileSystem.class.php in elFinder before 2.1.62 allows path traversal in the PHP LocalVolumeDriver connector.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
studio-42/elfinderPackagist
< 2.1.622.1.62

Affected products

2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.