Description
MCMS v5.2.5 was discovered to contain an arbitrary file deletion vulnerability via the component oldFileName.
Remediation
References
https://github.com/ming-soft/MCMS/issues/59
Related Vulnerabilities
CVE-2022-25895 Vulnerability in npm package lite-dev-server
CVE-2021-43786 Vulnerability in npm package nodebb
CVE-2023-50164 Vulnerability in maven package org.apache.struts:struts2-core
CVE-2023-2972 Vulnerability in npm package @antfu/utils
CVE-2022-36911 Vulnerability in maven package org.jenkins-ci.plugins:openstack-heat