OnionShare 2.3 before 2.4 allows remote unauthenticated attackers to upload files on a non-public node when using the –receive functionality.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Onionshare |
Onionshare |
2.3 (including) |
2.4 (excluding) |
References