Micro Focus Solutions Business Manager versions prior to 11.4 when ASP.NET is configured with execute permission on the virtual directories and does not validate the contents of user avatar images, could lead to remote code execution.

Related CVEs

CVE-2018-7679

Key Information

GHSA ID

GHSA-q696-7rwm-g645

Published

May 13, 2022 1:10 AM

Last Modified

May 13, 2022 1:10 AM

CVSS Score

9.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: July 3, 2025 6:26 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.