| Title | 1902756969 reggie 1.0 any file uploaded |
|---|
| Description | The upload method in src/main/java/com/itheima/reggie/controller/CommonController.java only performs front-end validation on file suffixes, allowing attackers to directly upload any file |
|---|
| Source | ⚠️ https://github.com/1902756969/reggie/issues/2 |
|---|
| User | LVZC4 (UID 79688) |
|---|
| Submission | 01/02/2025 08:47 (1 Year ago) |
|---|
| Moderation | 01/12/2025 10:51 (10 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 291277 [1902756969 reggie 1.0 CommonController.java upload File unrestricted upload] |
|---|
| Points | 15 |
|---|