Description
File upload vulnerability in MCMS 5.0 allows attackers to execute arbitrary code via a crafted thumbnail. A different vulnerability than CVE-2022-31943.
Remediation
References
https://github.com/ming-soft/MCMS
https://github.com/ming-soft/MCMS/issues/42
Related Vulnerabilities
CVE-2021-31712 Vulnerability in npm package react-draft-wysiwyg
CVE-2022-41928 Vulnerability in maven package org.xwiki.platform:xwiki-platform-attachment-ui
CVE-2020-7716 Vulnerability in npm package deeps
CVE-2020-28424 Vulnerability in npm package s3-kilatstorage
CVE-2020-36189 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind