7.2 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
58.9%
DedeCMS 5.7 SP2 allows XML injection, and resultant remote code execution, via a “<file type=‘file’ name='…/” substring.
github.com/ky-j/dedecms/issues/3