CVE-2020-19138

Published September 8th, 2021

View on NVD ↗

CVSS v3

9.8

CRITICAL

CVSS v2

HIGH

Affected

PROJECT

Description

Unrestricted Upload of File with Dangerous Type in DotCMS v5.2.3 and earlier allow remote attackers to execute arbitrary code via the component "/src/main/java/com/dotmarketing/filters/CMSFilter.java".

dotCMS/core

The Visual Headless Content Management System for Enterprises

GitHub

947