An issue was discovered in Gentics CMS before 5.43.1. By uploading a malicious ZIP file, an attacker is able to deserialize arbitrary data and hence can potentially achieve Java code execution.
8.8CVSS
8.8AI Score
0.001EPSS
An issue was discovered in Gentics CMS before 5.43.1. There is stored XSS in the profile description and in the username.
5.4CVSS
5.9AI Score
0.001EPSS