Authenticated Directory Traversal Vulnerability in dotCMS API Leading to Remote Code Execution

Authenticated Directory Traversal Vulnerability in dotCMS API Leading to Remote Code Execution

CVE-2022-45783 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

An issue was discovered in dotCMS core 4.x through 22.10.2. An authenticated directory traversal vulnerability in the dotCMS API can lead to Remote Code Execution.

Learn more about our Api Penetration Testing.