Unrated severityNVD Advisory· Published Sep 24, 2025· Updated Sep 24, 2025
CVE-2025-56815
CVE-2025-56815
Description
Datart 1.0.0-rc.3 is vulnerable to Directory Traversal in the POST /viz/image interface, since the server directly uses MultipartFile.transferTo() to save the uploaded file to a path controllable by the user, and lacks strict verification of the file name.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Datart/Datartdescription
- Range: = 1.0.0-rc.3
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.