Balisong

**Name of the Vulnerable Software and Affected Versions** Exponent CMS versions 2.3.0 through 2.3.9 **Description** The issue allows remote attackers to have an unspecified impact related to uploading files to the wrong location. **Recommendations** For Exponent CMS versions 2.3.0 through 2.3.9, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Exponent CMS versions prior to 2.3.9 **Description** The issue allows an attacker to upload a malicious script file using redirection, placing the script in an unprotected folder that permits script execution. **Recommendations** For versions prior to 2.3.9, update to version 2.3.9 or later to resolve the issue.