Italiano
English
Summary:
An issue was discovered in OFCMS before 1.1.3. Remote attackers can execute arbitrary code because blocking of .jsp and .jspx files does not consider (for example) file.jsp::$DATA to the admin/comn/service/editUploadImage URI.
Published:
Wednesday, March 6, 2019 - 17:29
cvss: