CVE-2017-11357

⚠ KEVEPSS 93.7%

Telerik UI for ASP.NET AJAX Insecure Direct Object Reference Vulnerability

Added to CISA KEV: 1/26/2023

Description

Telerik UI for ASP.NET AJAX contains an insecure direct object reference vulnerability in RadAsyncUpload that can result in file uploads in a limited location and/or remote code execution.

Affected packages (0)

No package mapping in OSV.