DooTask Arbitrary File Upload Vulnerability in the Messaging Component

Vulnerability

A vulnerability allowing authenticated users to upload arbitrary files has been identified in DooTask version 1.0.51. This issue arises in the messaging component's file upload feature, where attackers can upload a crafted file that could be used to execute arbitrary code.

Impact

Exploitation of this vulnerability could lead to unauthorized code execution on the server.

Added: Aug 22, 2025, 7:18 PM

Updated: Aug 22, 2025, 7:18 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

5.2

remediation

0.0

relevance

0.4

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

5.2

remediation

0.0

relevance

0.4

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

DooTask Arbitrary File Upload Vulnerability in the Messaging Component

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating