An arbitrary file upload vulnerability in the file upload component of ButterCMS v1.2.8 allows attackers to execute arbitrary code via a crafted SVG file.
{
"github_reviewed_at": "2022-04-22T21:02:44Z",
"nvd_published_at": "2022-04-12T17:15:00Z",
"github_reviewed": true,
"cwe_ids": [
"CWE-434"
],
"severity": "CRITICAL"
}