A vulnerability in ${"freemarker.template.utility.Execute"?new() of UJCMS Jspxcms v10.2.0 allows attackers to execute arbitrary commands via uploading malicious files.
References
Link | Resource |
---|---|
https://gitee.com/jspxcms/Jspxcms/issues/I4QAZN | Exploit Issue Tracking Third Party Advisory |
Configurations
Information
Published : 2022-02-04 14:15
Updated : 2022-02-08 18:43
NVD link : CVE-2022-23329
Mitre link : CVE-2022-23329
JSON object : View
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type
Products Affected
ujcms
- jspxcms