Moderate severityNVD Advisory· Published Jul 20, 2023· Updated Oct 24, 2024
CVE-2023-37602
CVE-2023-37602
Description
An arbitrary file upload vulnerability in the component /workplace#!explorer of Alkacon OpenCMS v15.0 allows attackers to execute arbitrary code via uploading a crafted PNG file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.opencms:opencms-coreMaven | <= 15.0 | — |
Affected products
2Patches
Vulnerability mechanics
References
3- github.com/advisories/GHSA-ghg2-3w9x-9599ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-37602ghsaADVISORY
- www.exploit-db.com/exploits/51564ghsaWEB
News mentions
0No linked articles in our index yet.