CNNVD-202510-378 Information
Oct 02, 2025
cve
CNNVD ID
CNNVD-202510-378
Related CVE
- CNNVD Published: 2025-10-02
Description (Chinese)
GTONE ChangeFlow是韩国GTONE公司的一个应用变更管理软件。 GTONE ChangeFlow v9.0.1.1及之前版本存在安全漏洞,该漏洞源于路径名限制不当和危险文件类型上传不受限制,可能导致路径遍历和访问控制列表约束不当。
Description (English)
GTONE ChangeFlow is an application change management software for GTONE in Korea. There is a security loophole in GTONE ChangeFlow v9.0.1.1 and earlier versions, which stems from inappropriate pathname restrictions and unrestricted upload of dangerous file types, which may lead to inappropriate routing and access control list constraints.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
GTONE
Published
2025-10-02
Last Modified
2026-02-24
References
http://www.gtone.co.kr/kr/application-lifecycle-management.php
Share on: