Description
Unrestricted file upload vulnerability in ui/artifact/upload in JFrog Artifactory before 4.16 allows remote attackers to (1) deploy an arbitrary servlet application and execute arbitrary code by uploading a war file or (2) possibly write to arbitrary files and cause a denial of service by uploading an HTML file.
Remediation
References
Related Vulnerabilities
Drupal Core 9.3.x Remote Code Execution (9.3.0 - 9.3.18)
WordPress Plugin Word Balloon Cross-Site Scripting (4.19.2)
Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2025-62258)
WordPress Plugin Conditional Marketing Mailer for WooCommerce Unspecified Vulnerability (1.6)
WordPress Plugin Helios Solutions Brand Logo Slider Arbitrary File Upload (2.1)