CVE-2019-9611

Name of the Vulnerable Software and Affected Versions OFCMS versions prior to 1.1.3

Description An issue in OFCMS allows directory traversal through the "admin/cms/template/getTemplates.html" endpoint, using ../ in the dir parameter. This enables writing arbitrary content, specified in the file content parameter, into an arbitrary file, defined by the file name parameter. The issue is related to the save function in TemplateController.java.

Recommendations For versions prior to 1.1.3, update to version 1.1.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the "admin/cms/template/getTemplates.html" endpoint to minimize the risk of exploitation. Avoid using the dir, file content, and file name parameters in this endpoint until the issue is resolved.