Description
An arbitrary file upload vulnerability in the file upload module of PayloadCMS v0.15.0 allows attackers to execute arbitrary code via a crafted SVG file.
Remediation
References
https://github.com/payloadcms/payload
https://www.youtube.com/watch?v=6CfhAxA3xdQ
Related Vulnerabilities
CVE-2022-31160 Vulnerability in npm package jquery-ui
CVE-2021-21361 Vulnerability in maven package com.bmuschko:gradle-vagrant-plugin
CVE-2021-23343 Vulnerability in npm package path-parse
CVE-2021-39135 Vulnerability in npm package @npmcli/arborist
CVE-2019-10775 Vulnerability in maven package org.webjars.npm:ecstatic