2024-11-27
TCPDF version 6.7.5 is vulnerable to a Local File Inclusion (LFI) vulnerability. This allows an attacker to read arbitrary files from the server’s file system by exploiting the `src` tag. This could potentially lead to the exposure of sensitive information.
Form:
Platform: TCPDF
Version: 6.7.5
Vulnerability: Local File Inclusion (LFI)
Severity: Moderate
Date: November 26, 2024
What Undercode Says:
This vulnerability could have serious implications for systems running vulnerable versions of TCPDF. Attackers could exploit this vulnerability to gain unauthorized access to sensitive information. It is highly recommended to update to a patched version of TCPDF or implement appropriate security measures to mitigate the risk.
References:
Reported By: Github.com
Undercode AI: https://ai.undercodetesting.com
Image Source:
OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.help