CVE-2020-22643: Unrestricted Upload of File with Dangerous Type

January 26, 2021 (updated January 29, 2021)

Feehi CMS potentially resulting in remote code execution. After an administrator logs in, open the administrator image upload page to potentially upload malicious files.

References

github.com/liufee/cms/issues/51
nvd.nist.gov/vuln/detail/CVE-2020-22643

Detect and mitigate CVE-2020-22643 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →