Описание
MCMS allows arbitrary file uploads in the ueditor component
An arbitrary file upload vulnerability in the ueditor component of MCMS v5.4.3 allows attackers to execute arbitrary code via uploading a crafted file.
Пакеты
Наименование
net.mingsoft:ms-mcms
maven
Затронутые версииВерсия исправления
< 5.4.4
5.4.4
Связанные уязвимости
CVSS3: 9.8
nvd
10 месяцев назад
An arbitrary file upload vulnerability in the ueditor component of MCMS v5.4.3 allows attackers to execute arbitrary code via uploading a crafted file.