Loading HuntDB...

GHSA-mx92-jwq3-h28x

GitHub Security Advisory

⚠ Unreviewed MODERATE Has CVE

Advisory Details

A vulnerability, which was classified as problematic, was found in JFinalCMS up to 20240903. This affects the function update of the file /admin/template/update of the component com.cms.controller.admin.TemplateController. The manipulation of the argument fileName leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Related CVEs

Key Information

GHSA ID
GHSA-mx92-jwq3-h28x
Published
September 11, 2024 9:30 PM
Last Modified
September 11, 2024 9:30 PM
CVSS Score
5.0 /10
Primary Ecosystem
Unknown
Primary Package
Unknown
GitHub Reviewed
✗ No

Dataset

Last updated: June 14, 2025 6:24 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.