CVE-2022-26352

⚠ KEVEPSS 94.3%

dotCMS Unrestricted Upload of File Vulnerability

Added to CISA KEV: 8/25/2022

Description

dotCMS ContentResource API contains an unrestricted upload of file with a dangerous type vulnerability that allows for directory traversal, in which the file is saved outside of the intended storage location. Exploitation allows for remote code execution.

Affected packages (0)

No package mapping in OSV.