OFCMS backend ueditor uploadFile file upload vulnerability
OFCMS is a content management system based on Java technology. A backend ueditor uploadFile file upload vulnerability exists in versions of OFCMS prior to 1.1.3. The vulnerability stems from the blocking of .jsp and .jspx files that fails to take into account file.jsp::$DATA of the...