CVE-2026-61343 - LibreBooking path traversal
CVE ID :CVE-2026-61343
Published : July 9, 2026, 6:16 p.m. | 28 minutes ago
Description :LibreBooking's email template editor save action passes the submitted template name directly into the destination file path, allowing a remote attacker with administrator credentials to write an arbitrary file outside the template directory and execute code. Fixed in 5.1.0.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : July 9, 2026, 6:16 p.m. | 28 minutes ago
Description :LibreBooking's email template editor save action passes the submitted template name directly into the destination file path, allowing a remote attacker with administrator credentials to write an arbitrary file outside the template directory and execute code. Fixed in 5.1.0.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...