Description
MCMS v5.2.5 was discovered to contain an arbitrary file deletion vulnerability via the component oldFileName.
Remediation
References
https://github.com/ming-soft/MCMS/issues/59
Related Vulnerabilities
CVE-2021-23342 Vulnerability in maven package org.webjars.npm:docsify
CVE-2023-45134 Vulnerability in maven package org.xwiki.platform:xwiki-platform-web-templates
CVE-2023-26134 Vulnerability in npm package git-commit-info
CVE-2018-14732 Vulnerability in npm package webpack-dev-server
CVE-2023-34467 Vulnerability in maven package org.xwiki.platform:xwiki-platform-livetable-ui