CVE-2021-42967 in Novel Plusproject and Xxyopen Products
Published on May 13, 2022

Unrestricted file upload in /novel-admin/src/main/java/com/java2nb/common/controller/FileController.java in novel-plus all versions allows allows an attacker to upload malicious JSP files.

NVD

Products Associated with CVE-2021-42967

stack.watch emails you whenever new vulnerabilities are published in Novel Plusproject Novel Plus or Xxyopen Novel Plus. Just hit a watch button to start following.

Novel Plusproject Novel Plus

Xxyopen Novel Plus

Exploit Probability

EPSS

0.36%

Percentile

58.66%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-42967 in Novel Plusproject and Xxyopen ProductsPublished on May 13, 2022

Products Associated with CVE-2021-42967

Exploit Probability

CVE-2021-42967 in Novel Plusproject and Xxyopen Products
Published on May 13, 2022