Security Advisory

CVE-2025-25361

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-03-06 00:00:00
Last updated 2025-03-07 19:48:51
Assigner mitre
State PUBLISHED

Description

An arbitrary file upload vulnerability in the component /cms/CmsWebFileAdminController.java of PublicCMS v4.0.202406 allows attackers to execute arbitrary code via uploading a crafted svg or xml file.