攻击者可以访问本地文件系统中的任意文件
补丁修复:https://github.com/Studio-42/elFinder/commit/bb9aaa7b096a1b83f2f85657c43f12131ece2891
官方通告:https://github.com/Studio-42/elFinder/security/advisories/GHSA-wm5g-p99q-66g4
CVE-2023-35840:https://nvd.nist.gov/vuln/detail/CVE-2023-35840
elFinder < 2.1.62
2.1.62
扫一扫订阅