First published: Wed Apr 29 2020(Updated: )
MonoX through 5.1.40.5152 allows remote code execution via HTML5Upload.ashx or Pages/SocialNetworking/lng/en-US/PhotoGallery.aspx because of deserialization in ModuleGallery.HTML5Upload, ModuleGallery.SilverLightUploadModule, HTML5Upload, and SilverLightUploadHandler.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mono Monox | <=5.1.40.5152 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.