CVE-2022-47042: Arbitrary file write in net.mingsoft:ms-mcms

January 26, 2023 (updated January 27, 2023)

MCMS v5.2.10 and below was discovered to contain an arbitrary file write vulnerability via the component ms/template/writeFileContent.do.

References

gitee.com/mingSoft/MCMS/issues/I6592F
github.com/advisories/GHSA-65v6-3c9m-hmrp
nvd.nist.gov/vuln/detail/CVE-2022-47042

Detect and mitigate CVE-2022-47042 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →