HIGH
Tcpdf Project
CVE published 2017-02-23
CVE-2017-6100
CVE-2017-6100 describes a high-severity TCPDF issue in versions before 6.2.0 where server-side files used during PDF generation can be uploaded to an external FTP destination. NVD rates the flaw as network-exploitable with no privileges or user interaction and a high confidentiality impact. If your environment uses TCPDF 6.1.1 or earlier, treat this as a priority upgrade and review any PDF workflows that [truncated]