CVE-2025-13262 | lsfusion platform up to 6.1 UploadFileRequestHandler.java UploadFileRequestHandler sid path traversal (Issue 1544)

A vulnerability described as critical has been identified in lsfusion platform up to 6.1. Affected by this vulnerability is the function UploadFileRequestHandler of the file platform/web-client/src/main/java/lsfusion/http/controller/file/UploadFileRequestHandler.java. Executing manipulation of the argument sid can lead to path traversal.

This vulnerability is handled as CVE-2025-13262. The attack can be executed remotely. Additionally, an exploit exists.VulDB Recent EntriesRead More