THREATOPS
THREAT OPSCVEs › CVE-2017-11357

CVE-2017-11357 — Telerik UI for ASP.NET AJAX Insecure Direct Object Reference Vulnerability

CISA KEVExploited: confirmedTelerik

Telerik UI for ASP.NET AJAX contains an insecure direct object reference vulnerability in RadAsyncUpload that can result in file uploads in a limited location and/or remote code execution.

Vulnerability details