CVE-2023-42398

CVE-2023-42398

EPSS 1.3%

An issue in zzCMS v.2023 allows a remote attacker to execute arbitrary code and obtain sensitive information via the ueditor component in controller.php.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://github.com/laterfuture/php-audit/blob/main/CVE-2023-42398%E2%80%94%E2%80%94ZZCMS2023%20SSRF