CVE-2022-22929

描述

MCMS v5.2.4 was discovered to have an arbitrary file upload vulnerability in the New Template module, which allows attackers to execute arbitrary code via a crafted ZIP file.

受影響套件(1)

• Maven/net.mingsoft:ms-mcmsfrom 0, <= 5.2.4

CVSS 分數

參考連結(2)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2022-22929
• WEBhttps://web.archive.org/web/20230521040336/https://gitee.com/mingSoft/MCMS/issues/I4Q4NV