CVE-2025-9795

by Fred · 01/09/2025

A vulnerability has been found in xujeff tianti 天梯 up to 2.3. The impacted element is the function ajaxUploadFile of the file src/main/java/com/jeff/tianti/controller/UploadController.java. The manipulation of the argument upfile leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

More information : https://github.com/xujeff/tianti/issues/43

CVE-2025-9795

Similar

Recent Posts

Categories

CVE-2025-9795

Share this:

Similar

Recent Posts

Categories

Tags