GHSA-6w2f-6wq3-rjvf, CVE-2022-32065
maven/com.ruoyi/ruoyi
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
An arbitrary file upload vulnerability in the background management module of RuoYi v4.7.3 and below allows attackers to execute arbitrary code via a crafted HTML file.
All versions before 4.7.4
Upgrade to version 4.7.4 or above.
2022-07-24
source |