CVE-2025-66449 | C4illin ConvertX up to 0.15.x /upload file.name path traversal (GHSA-cpww-gwgc-p72r)

A vulnerability, which was classified as critical, has been found in C4illin ConvertX up to 0.15.x. Impacted is an unknown function of the file /upload. Performing manipulation of the argument file.name results in path traversal.

This vulnerability is identified as CVE-2025-66449. The attack can be initiated remotely. There is not any exploit available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More