[SYSS-2018-015] HiScout GRC Suite < 3.1.5 – Unrestricted Upload of File with Dangerous Type

Posted by sebastian . auwaerter on Sep 12Advisory ID: SYSS-2018-015
Product: HiScout GRC Suite
Manufacturer: HiScout GmbH
Affected Version(s): < 3.1.5 Tested Version(s): 3.1.3.12 Vulnerability Type: Unrestricted Upload of File with Dangerous Type Risk Level: High Solution Status: Fixed Manufacturer Notification: 2018-07-26 Solution Date: 2018-09-03 Public Disclosure: 2018-09-12 CVE Reference: CVE-2018-16796 Author of Advisory: Sebastian Auwaerter, SySS GmbH...

Link: http://seclists.org/bugtraq/2018/Sep/27