How severe is CVE-2022-24241?

CVE-2022-24241 has a CVSS v3 score of 7.5 (HIGH).

CVE-2022-24241

Name: aceweb_online_portal
Author: aceware

7.5HIGH

ACEweb Online Portal 3.5.065 was discovered to contain an External Controlled File Path and Name vulnerability via the txtFilePath parameter in attachments.awp.

Published: 6/2/2022Updated: 11/21/2024

Description

ACEweb Online Portal 3.5.065 was discovered to contain an External Controlled File Path and Name vulnerability via the txtFilePath parameter in attachments.awp.

AI AnalysisPowered by AI

Affected Products

acewareaceweb_online_portal

References

http://aceware.com
Product
http://aceweb.com
Product
https://www.aceware.com/forum/viewtopic.php?f=7&t=481
Release NotesVendor Advisory
http://aceware.com
Product
http://aceweb.com
Product
https://www.aceware.com/forum/viewtopic.php?f=7&t=481
Release NotesVendor Advisory