Medium severity5.5NVD Advisory· Published Sep 5, 2023· Updated Jun 17, 2026
CVE-2023-4480
CVE-2023-4480
Description
Due to an out-of-date dependency in the “Fusion File Manager” component accessible through the admin panel, an attacker can send a crafted request that allows them to read the contents of files on the system accessible within the privileges of the running process. Additionally, they may write files to arbitrary locations, provided the files pass the application’s mime-type and file extension validation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: 0
Patches
Vulnerability mechanics
References
1- www.synopsys.com/blogs/software-security/cyrc-vulnerability-advisory-cve-2023-2453/nvdThird Party Advisory
News mentions
0No linked articles in our index yet.