Vulnerabilities > Studip

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-08	CVE-2023-50982	Unrestricted Upload of File with Dangerous Type vulnerability in Studip Stud.Ip Stud.IP 5.x through 5.3.3 allows XSS with resultant upload of executable files, because upload_action and edit_action in Admin_SmileysController do not check the file extension. network low complexity studip CWE-434 critical	9.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.

Vulnerabilities > Studip {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Studip"}]}

Vulnerabilities > Studip