CVE-2022-36431

Publication date

2022-12-01 00:00:00

Family

mitre

State

PUBLISHED

Description

An arbitrary file upload vulnerability in Rocket TRUfusion Enterprise before 7.9.6.1 allows unauthenticated attackers to execute arbitrary code via a crafted JSP file. Issue fixed in version 7.9.6.1.