Severity: Critical
CVSS Score: 9.8
In Studio-42 elFinder 2.1.60, there is a vulnerability that causes remote code execution through file name bypass for file upload.