Description
Unrestricted file upload vulnerability in ui/artifact/upload in JFrog Artifactory before 4.16 allows remote attackers to (1) deploy an arbitrary servlet application and execute arbitrary code by uploading a war file or (2) possibly write to arbitrary files and cause a denial of service by uploading an HTML file.
Remediation
References
Related Vulnerabilities
WordPress Plugin Booking Package-Appointment Booking Calendar System Cross-Site Scripting (1.5.10)
WordPress Plugin VikBooking Hotel Booking Engine & PMS Multiple Vulnerabilities (1.5.3)
Magento Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2019-7950)