First published: Thu May 20 2021(Updated: )
KonaWiki2 versions prior to 2.2.4 allows a remote attacker to upload arbitrary files via unspecified vectors. If the file contains PHP scripts, arbitrary code may be executed.
Credit: vultures@jpcert.or.jp
Affected Software | Affected Version | How to fix |
---|---|---|
Kujirahand Konawiki | <2.2.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this security issue is CVE-2021-20721.
The severity level of CVE-2021-20721 is critical.
CVE-2021-20721 allows a remote attacker to upload arbitrary files via unspecified vectors. If the file contains PHP scripts, arbitrary code may be executed.
KonaWiki2 versions prior to 2.2.4 are affected by CVE-2021-20721.
Yes, updating to version 2.2.4 or newer of KonaWiki2 will fix the vulnerability.