Name of the Vulnerable Software and Affected Versions ezplatform-kernel (affected versions not specified)

Description The issue allows unwanted file types to be stored even if they are not easily accessible due to the content not being published. This occurs when file validation is configured to reject certain files by file type, but the file can still be saved when saving the content draft. An attacker would need existing access to create content with a file field type to exploit this.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.