CVE-2022-25773 Information

Description

This advisory addresses a file placement vulnerability that could allow assets to be uploaded to unintended directories on the server.

Improper Limitation of a Pathname to a Restricted Directory: A vulnerability exists in the asset upload functionality that allows users to upload files to directories outside of the intended temporary directory.

Reference

https://github.com/mautic/mautic/security/advisories/GHSA-4w2w-36vm-c8hf