CVE-2017-11466
The CVE-2017-11466 vulnerability affects dotCMS 4.1.1 and involves an Arbitrary file upload via the AjaxFileUploadServlet (com/dotmarketing/servlets/AjaxFileUploadServlet.class). Remote authenticated administrators can exploit directory traversal in the fieldName parameter to upload a .jsp file t...