CVE-2023-42398

CVE-2023-42398

EPSS 1.3%

An issue in zzCMS v.2023 allows a remote attacker to execute arbitrary code and obtain sensitive information via the ueditor component in controller.php.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/laterfuture/php-audit/blob/main/CVE-2023-42398%E2%80%94%E2%80%94ZZCMS2023%20SSRF