THREAT OPS › CVEs › CVE-2022-26352
CVE-2022-26352 — dotCMS Unrestricted Upload of File Vulnerability
dotCMS ContentResource API contains an unrestricted upload of file with a dangerous type vulnerability that allows for directory traversal, in which the file is saved outside of the intended storage location. Exploitation allows for remote code execution.
Vulnerability details
- Affected productsdotCMS
- KEV remediation due2022-09-15