Description
MCMS v5.2.5 was discovered to contain an arbitrary file deletion vulnerability via the component oldFileName.
Remediation
References
https://github.com/ming-soft/MCMS/issues/59
Related Vulnerabilities
CVE-2020-35149 Vulnerability in maven package org.webjars.npm:mquery
CVE-2021-39152 Vulnerability in maven package com.thoughtworks.xstream:xstream
CVE-2021-23382 Vulnerability in npm package postcss
CVE-2020-7775 Vulnerability in npm package freediskspace
CVE-2022-24999 Vulnerability in maven package org.webjars:qs