CVE-2023-34747
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Jun 14, 2023
Updated: Jan 6, 2025
CWE ID 434
Summary
CVE-2023-34747 represents a file upload vulnerability affecting ujcms version 6.0.2. An attacker can exploit this flaw by uploading malicious files through the /api/backend/core/web-file-upload/upload endpoint. Successful exploitation could result in arbitrary code execution or unauthorized access to sensitive data. System administrators are advised to install the latest security patches to mitigate this risk. Users should avoid using outdated software versions to ensure their cybersecurity posture remains robust.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share