Design/Logic Flaw

2022-02-0422:15:00

PRIOn knowledge base

www.prio-n.com

9.7 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

66.0%

JSON

A vulnerability in ${“freemarker.template.utility.Execute”?new() of UJCMS Jspxcms v10.2.0 allows attackers to execute arbitrary commands via uploading malicious files.

CPENameOperatorVersion
jspxcmseq10.2.0

CPE	Name	Operator	Version
	jspxcms	eq	10.2.0

References

gitee.com/jspxcms/Jspxcms/issues/I4QAZN