Unknown · Xuhuisheng Lemon · CVE-2025-9406
Name of the Vulnerable Software and Affected Versions:
xuhuisheng lemon versions through 1.13.0
Description:
A weakness exists in xuhuisheng lemon up to version 1.13.0. It affects the `uploadImage` function in the file `CmsArticleController.java` (component `com.mossle.cms.web.CmsArticleController.uploadImage`). Manipulating the `Upload` argument results in unrestricted upload. The attack can be initiated remotely. An exploit has been made publicly available and may be used.
Recommendations:
Versions prior to 1.13.0 are affected.
As a temporary workaround, consider restricting access to the `uploadImage` function until a patch is available.
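
The unrestricted upload described above is the kind of flaw that server-side validation in an image upload handler is meant to prevent. The following is an added example, not code from the lemon project or its maintainers: the class `ImageUploadGuard`, its `store` method, the allow-list of image types and the 2 MiB size limit are all assumptions chosen for illustration.

```java
import java.nio.file.*;
import java.util.*;

// Added example: hypothetical helper, not code from the lemon project.
public class ImageUploadGuard {
    // Allow-list: extension -> leading magic bytes the content must start with.
    private static final Map<String, byte[]> ALLOWED = Map.of(
        "png", new byte[]{(byte) 0x89, 'P', 'N', 'G'},
        "jpg", new byte[]{(byte) 0xFF, (byte) 0xD8, (byte) 0xFF},
        "gif", new byte[]{'G', 'I', 'F', '8'});
    private static final int MAX_BYTES = 2 * 1024 * 1024; // assumed size limit

    /** Validates the upload and writes it under uploadDir with a server-chosen name. */
    public static Path store(String clientName, byte[] data, Path uploadDir) throws Exception {
        if (data == null || data.length == 0 || data.length > MAX_BYTES)
            throw new SecurityException("rejected: empty or oversized upload");
        // Only the final extension counts; the client-supplied name is never used on disk.
        int dot = clientName == null ? -1 : clientName.lastIndexOf('.');
        String ext = dot < 0 ? "" : clientName.substring(dot + 1).toLowerCase(Locale.ROOT);
        if (ext.equals("jpeg")) ext = "jpg";
        byte[] magic = ALLOWED.get(ext);
        if (magic == null)
            throw new SecurityException("rejected: extension not on allow-list");
        // Content must match the claimed type, so a renamed non-image file is refused.
        if (data.length < magic.length
                || !Arrays.equals(Arrays.copyOf(data, magic.length), magic))
            throw new SecurityException("rejected: content does not match extension");
        Path dir = uploadDir.toAbsolutePath().normalize();
        Path target = dir.resolve(UUID.randomUUID() + "." + ext).normalize();
        if (!target.startsWith(dir))
            throw new SecurityException("rejected: path escapes upload directory");
        Files.createDirectories(dir);
        return Files.write(target, data, StandardOpenOption.CREATE_NEW);
    }

    public static void main(String[] args) throws Exception {
        Path dir = Files.createTempDirectory("uploads"); // constructed test location
        byte[] png = {(byte) 0x89, 'P', 'N', 'G', 0x0D, 0x0A, 0x1A, 0x0A}; // constructed sample
        byte[] notImage = "plain text, not an image".getBytes(); // constructed sample
        System.out.println("stored: " + store("photo.png", png, dir).getFileName());
        for (String name : new String[]{"page.jsp", "page.png", "x.png.jsp"}) {
            try { store(name, notImage, dir); }
            catch (SecurityException e) { System.out.println(name + " -> " + e.getMessage()); }
        }
    }
}
```

The upload directory should also sit outside the web root or be served with script execution disabled, so that a file that slips past validation is still never interpreted by the application server.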