EPSS
Percentile
21.4%
octoprint is vulnerable to arbitrary file upload. The vulnerability exists due to misconfiguration in move file functionality which allows an attacker to upload malicious files and change the file extension of the uploaded files.
github.com/advisories/GHSA-49wm-4fp6-h59c
github.com/octoprint/octoprint/commit/3e3c11811e216fb371a33e28412df83f9701e5b0
huntr.dev/bounties/b966c74d-6f3f-49fe-b40a-eaf25e362c56/