CVE-2022-22929 · Vexday

CVE-2022-22929

EPSS 2.6%

MCMS v5.2.4 was discovered to have an arbitrary file upload vulnerability in the New Template module, which allows attackers to execute arbitrary code via a crafted ZIP file.

Affected products

n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://gitee.com/mingSoft/MCMS/issues/I4Q4NV