Jellycms · Jellycms · CVE-2022-26630
**Name of the Vulnerable Software and Affected Versions**
Jellycms versions 3.8.1 and below
**Description**
The issue is related to an arbitrary file upload vulnerability. It can be exploited via the `db.php` file in the `appadminControllers` directory.
**Recommendations**
For Jellycms versions 3.8.1 and below, at the moment, there is no information about a newer version that contains a fix for this vulnerability.