CVE-2024-50652

Name of the Vulnerable Software and Affected Versions: java shop version 1.0

Description: A file upload issue allows attackers to upload arbitrary files by modifying the avatar function. This enables them to upload any file they want by changing the avatar function.

Recommendations: For java shop version 1.0, as a temporary workaround, consider disabling the avatar function until a patch is available. Restrict access to file upload features to minimize the risk of exploitation. Avoid using the file upload feature in the affected version until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.