CVE-2024-40543

PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery SSRF via the component /admin/ueditor?action=catchimage...

OFCMS backend ueditor uploadFile file upload vulnerability

OFCMS is a content management system based on Java technology. A backend ueditor uploadFile file upload vulnerability exists in versions of OFCMS prior to 1.1.3. The vulnerability stems from the blocking of .jsp and .jspx files that fails to take into account file.jsp::$DATA of the...