Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Sitecore through 10.1, when Update Center is enabled, allows remote authenticated users to upload arbitrary files and achieve remote code execution by visiting an uploaded .aspx file at an admin/Packages URL.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Sitecore 代码问题漏洞
Vulnerability Description
Sitecore是丹麦Sitecore公司的一套在线营销内容管理系统(CMS)。该系统支持内容编辑、多种语言、多网站部署、数字资产管理等。 Sitecore 10.1及之前版本存在安全漏洞,远程经过身份验证的用户可以上传任意文件并通过访问"admin/Packages URL"上传的 .aspx 文件来实现远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A