大蛋

**Name of the Vulnerable Software and Affected Versions** MCMS version 5.4.3 **Description** An arbitrary file upload vulnerability in the ueditor component of MCMS allows attackers to execute arbitrary code via uploading a crafted file. **Recommendations** For MCMS version 5.4.3, consider disabling the ueditor component until a patch is available to prevent exploitation of the arbitrary file upload vulnerability.