CVE-2022-50897 | mPDF 7.0 Annotation filename control (Exploit 50995 / EDB-50995)

A vulnerability was found in mPDF 7.0. It has been rated as problematic. Affected is an unknown function of the component Annotation Handler. Performing a manipulation results in improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability is reported as CVE-2022-50897. The attack is possible to be carried out remotely. Moreover, an exploit is present.VulDB Recent EntriesRead More