Unrated severityNVD Advisory· Published Dec 1, 2022· Updated Apr 24, 2025
CVE-2022-36431
CVE-2022-36431
Description
An arbitrary file upload vulnerability in Rocket TRUfusion Enterprise before 7.9.6.1 allows unauthenticated attackers to execute arbitrary code via a crafted JSP file. Issue fixed in version 7.9.6.1.
Affected products
2- Rocket/TRUfusion Enterprisedescription
- Range: <7.9.6.1
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.