THREAT OPS › CVEs › CVE-2017-11357
CVE-2017-11357 — Telerik UI for ASP.NET AJAX Insecure Direct Object Reference Vulnerability
Telerik UI for ASP.NET AJAX contains an insecure direct object reference vulnerability in RadAsyncUpload that can result in file uploads in a limited location and/or remote code execution.
Vulnerability details
- Affected productsUser Interface (UI) for ASP.NET AJAX
- KEV remediation due2023-02-16