Critical RCE Bug Reported in dotCMS Content Management SoftwareThe Hacker News

Torna a Articoli

Critical RCE Bug Reported in dotCMS Content Management SoftwareThe Hacker News

A pre-authenticated remote code execution vulnerability has been disclosed in dotCMS, an open-source content management system written in Java and “used by over 10,000 clients in over 70 countries around the globe, from Fortune 500 brands and mid-sized businesses.”
The critical flaw, tracked as CVE-2022-26352, stems from a directory traversal attack when performing file uploads, enabling anRead More

Condividi questo post

Torna a Articoli