Description
The product allows a file to be uploaded, but it relies on the file name or extension of the file to determine the appropriate behaviors. This could be used by attackers to cause the file to be misclassified and processed in a dangerous fashion.
Latest vulnerabilities for CWE-646
References
Description of CWE-646 on Mitre website