Filtered by vendor Yangzongzhuan
Subscriptions
Filtered by product Ruoyi-vue
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-9374 | 1 Yangzongzhuan | 1 Ruoyi-vue | 2026-05-24 | 6.3 Medium |
| A vulnerability was found in yangzongzhuan RuoYi-Vue up to 3.9.2. Impacted is the function FileUploadUtils.upload of the file /common/upload of the component Common Upload Endpoint. Performing a manipulation results in unrestricted upload. The attack is possible to be carried out remotely. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
Page 1 of 1.