Arbitrary File Upload Vulnerability in dotCMS 4.1.1

CVE-2017-11466 · HIGH Severity

CVSS v2 vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Arbitrary file upload vulnerability in com/dotmarketing/servlets/AjaxFileUploadServlet.class in dotCMS 4.1.1 allows remote authenticated administrators to upload .jsp files to arbitrary locations via directory traversal sequences in the fieldName parameter to servlets/ajax_file_upload. This results in arbitrary code execution by requesting the .jsp file at a /assets URI.
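A server-side check for the flaw described above, as an added example that is not dotCMS code or its actual patch: the upload handler treats fieldName as a plain identifier, refuses JSP extensions, and confirms that the resolved destination stays under the upload root. The class and method names, the fileName argument, the identifier pattern and the sample values are assumptions made for illustration.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.Locale;
import java.util.regex.Pattern;

// Added illustration, not dotCMS code. All names here are hypothetical.
public final class UploadPathGuard {
    // Assumption: a form field name never needs separators, dots or control characters.
    private static final Pattern SAFE_FIELD = Pattern.compile("[A-Za-z0-9_-]{1,64}");

    /** Returns the confined destination path, or throws if the upload must be refused. */
    static Path resolveUpload(Path uploadRoot, String fieldName, String fileName)
            throws IOException {
        if (fieldName == null || !SAFE_FIELD.matcher(fieldName).matches()) {
            throw new SecurityException("fieldName is not a plain identifier");
        }
        // Keep only the last element of the client-supplied file name.
        Path leaf = fileName == null ? null : Paths.get(fileName).getFileName();
        if (leaf == null || leaf.toString().isEmpty()) {
            throw new SecurityException("missing file name");
        }
        String lower = leaf.toString().toLowerCase(Locale.ROOT);
        if (lower.endsWith(".jsp") || lower.endsWith(".jspx")) {
            throw new SecurityException("server-executable file type");
        }
        Path root = uploadRoot.toRealPath();
        Path dest = root.resolve(fieldName).resolve(leaf).normalize();
        // Defence in depth: confirm containment even after the allow-list above.
        if (!dest.startsWith(root)) {
            throw new SecurityException("destination escapes upload root");
        }
        return dest;
    }

    public static void main(String[] args) throws IOException {
        Path root = Files.createTempDirectory("upload-root"); // constructed sample root
        System.out.println("accepted: " + resolveUpload(root, "binary1", "logo.png"));
        String[][] bad = { {"../../assets", "logo.png"}, {"binary1", "page.jsp"} };
        for (String[] r : bad) { // constructed inputs that must be refused
            try {
                resolveUpload(root, r[0], r[1]);
                throw new IllegalStateException("unexpectedly accepted " + r[0]);
            } catch (SecurityException e) {
                System.out.println("rejected " + r[0] + " / " + r[1] + ": " + e.getMessage());
            }
        }
    }
}
```

The extension check is a blocklist and only a second layer; storing uploads in a location the servlet container does not execute removes the code-execution step even if a file lands where it should not.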