PT-2024-21249 · Interaction Design Team At The University Of Applied Sciences Arts In Hildesheim/Germany · Hawki

Florian Stuhlmann · Published 2024-05-29 · Updated 2024-07-03 · CVE-2024-25975

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions

No specific software or versions are mentioned in the provided descriptions.

Description

The issue concerns an application's up- and downvote function, which modifies a value in a JSON file. Because POST parameters are not filtered properly, an arbitrary file can be overwritten. An authenticated attacker can control which file is overwritten but not its content. Any file the webserver has write access to can be overwritten; the attacker has to supply a relative path (path traversal).

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.
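
A server-side check that keeps the vote target inside one directory, as an added example (it is not HAWKI's code, which this entry does not show). The directory layout, the `client_name` parameter and the `up`/`down` counter keys are assumptions made for illustration.

```python
import json
import os
import tempfile

class UnsafePath(ValueError):
    """Raised when a client-supplied name would leave the data directory."""

def resolve_inside(base_dir, client_name):
    """Return the real path of client_name, or raise if it escapes base_dir."""
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, client_name))
    # commonpath compares whole components, so /data-evil does not match /data
    if os.path.commonpath([base, target]) != base or target == base:
        raise UnsafePath(client_name)
    return target

def apply_vote(base_dir, client_name, direction):
    """Increment the 'up' or 'down' counter of an existing JSON file only."""
    if direction not in ("up", "down"):
        raise ValueError("direction must be 'up' or 'down'")
    target = resolve_inside(base_dir, client_name)
    if not os.path.isfile(target):
        raise UnsafePath(client_name)
    with open(target, "r", encoding="utf-8") as fh:
        data = json.load(fh)
    data[direction] = int(data.get(direction, 0)) + 1
    # Write a temp file in the same directory, then rename it into place
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(target))
    with os.fdopen(fd, "w", encoding="utf-8") as fh:
        json.dump(data, fh)
    os.replace(tmp, target)
    return data

def demo():
    """Constructed layout: <root>/feedback/msg1.json plus a file outside it."""
    feedback = os.path.join(tempfile.mkdtemp(), "feedback")
    os.mkdir(feedback)
    outside = os.path.join(os.path.dirname(feedback), "config.json")
    for path in (os.path.join(feedback, "msg1.json"), outside):
        with open(path, "w", encoding="utf-8") as fh:
            json.dump({"up": 0, "down": 0}, fh)
    ok = apply_vote(feedback, "msg1.json", "up")
    try:
        apply_vote(feedback, "../config.json", "up")
        blocked = False
    except UnsafePath:
        blocked = True
    with open(outside, encoding="utf-8") as fh:
        return ok, blocked, json.load(fh)
```

Resolving with `realpath` before the comparison also rejects symlinks inside the directory that point elsewhere.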

Weakness Enumeration

Related Identifiers

CVE-2024-25975

Affected Products

Hawki