Skip to content

Instantly share code, notes, and snippets.

@yahaha9
Created January 24, 2025 07:10
CVE-2024-57052
CVE ID: CVE-2024-57052
Vulnerability Description: Denial of Service caused by unrestricted file uploads.
Affected Software Versions: youdiancms <= 9.5.20
Cause of the Vulnerability: The software saves every uploaded avatar image from users on the server without restrictions.
Suggested Fix: Only one avatar image per user should be retained.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment