Vulnerabilities > Progress > Openedge Innovation > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-01-18 CVE-2023-40051 Unrestricted Upload of File with Dangerous Type vulnerability in Progress Openedge and Openedge Innovation
This issue affects Progress Application Server (PAS) for OpenEdge in versions 11.7 prior to 11.7.18, 12.2 prior to 12.2.13, and innovation releases prior to 12.8.0. An attacker can formulate a request for a WEB transport that allows unintended file uploads to a server directory path on the system running PASOE.
network
low complexity
progress CWE-434
critical
9.9