Launch Week Day 1: Announcing Security Design Review
Start for Free
MEDIUM 6.1 Maven

Alkacon OpenCMS arbitrary file upload vulnerability

GHSA-ghg2-3w9x-9599 · CVE-2023-37602

Published · Modified

Description

An arbitrary file upload vulnerability in the component /workplace#!explorer of Alkacon OpenCMS v15.0 allows attackers to execute arbitrary code via uploading a crafted PNG file.

References

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes