CVE-2021-46386 · Vexday

CVE-2021-46386

EPSS 3.1%

File upload vulnerability in mingSoft MCMS through 5.2.5, allows remote attackers to execute arbitrary code via a crafted jspx webshell to net.mingsoft.basic.action.web.FileAction#upload.

Produtos afetados

n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://gitee.com/mingSoft/MCMS/issues/I4R0GW