CVE-2022-36431
Summary (validated): CVE-2022-36431 affects Rocket TRUfusion Enterprise prior to 7.9.6.1. An unauthenticated attacker can upload a crafted JSP file to achieve arbitrary code execution due to an arbitrary file upload vulnerability. The issue is fixed in version 7.9.6.1. Affected software: Rocket T...