CVE-2020-29441 HIGH

CVE-2020-29441

Vendor N/A
Product n/a
Published November 30, 2020
Last update August 4, 2024

CVSS base score

7.2/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AC:L/AV:N/A:L/C:N/I:L/PR:N/S:C/UI:N

What the vulnerability does

01Description

An issue was discovered in the Upload Widget in OutSystems Platform 10 before 10.0.1019.0. An unauthenticated attacker can upload arbitrary files. In some cases, this attack may consume the available database space (Denial of Service), corrupt legitimate data if files are being processed asynchronously, or deny access to legitimate uploaded files.

Key dates

02Disclosure timeline

November 30, 2020 CVE published
August 4, 2024 Record updated