2 matches found
CVE-2025-9406
A weakness has been identified in xuhuisheng lemon up to 1.13.0. This affects the function uploadImage of the file CmsArticleController.java of the component com.mossle.cms.web.CmsArticleController.uploadImage. This manipulation of the argument Upload causes unrestricted upload. The attack can be...
CVE-2025-9406
A vulnerability is identified in xuhuisheng lemon up to 1.13.0 affecting the uploadImage function in CmsArticleController.java (com.mossle.cms.web.CmsArticleController.uploadImage). The Upload argument is manipulated to enable unrestricted uploads, with remote initiation and a publicly available ...