Stud IP

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-08	CVE-2023-50982	Unrestricted Upload of File with Dangerous Type vulnerability in Studip Stud.Ip Stud.IP 5.x through 5.3.3 allows XSS with resultant upload of executable files, because upload_action and edit_action in Admin_SmileysController do not check the file extension. network low complexity studip CWE-434 critical	9.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.