CVE-2023-34878
Published
CVSS v3
7.5
HIGH
CVSS v2
N/A
Affected
1
PROJECT
Description
An issue was discovered in Ujcms v6.0.2 allows attackers to gain sensitive information via the dir parameter to /api/backend/core/web-file-html/download-zip.
Java开源网站内容管理系统(java cms)。使用SpringBoot、MyBatis、Spring Security、Lucene、FreeMarker、TypeScript、Vue3、ElementPlus等技术开发。
GitHub