Primary

Context

Timeline File Upload Vulnerability Allowing Malicious Files and Denial-of-Service

Vulnerability

A vulnerability exists in the Timeline website's file upload feature, where uploaded files are not properly validated for type and size. This lack of strict validation allows users to upload renamed or oversized files, potentially disrupting performance or bypassing existing restrictions. As a result, this vulnerability could lead to malicious file uploads, denial-of-service conditions, or client-side crashes. Versions through 1.0.4 are affected, with the issue patched in version 1.0.5.

Impact

Exploitation of this vulnerability could result in unauthorized file uploads, causing potential disruption to website performance, client-side application crashes, or denial-of-service conditions.

Remediation

Users can upgrade to Timeline version 1.0.5 to address this vulnerability.

Added: Jul 15, 2025, 12:16 AM

Updated: Jul 15, 2025, 12:16 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.7

exploitability

6.4

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.7

exploitability

6.4

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Timeline File Upload Vulnerability Allowing Malicious Files and Denial-of-Service

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating