CVE-2022-34919

Name of the Vulnerable Software and Affected Versions Zengenti Contensis Classic versions prior to 15.2.1.79

Description The file upload wizard does not correctly check that a user has authenticated, allowing the execution of arbitrary commands by uploading a crafted aspx file.

Recommendations For versions prior to 15.2.1.79, update to version 15.2.1.79 or later to resolve the issue. As a temporary workaround, consider restricting access to the file upload wizard to minimize the risk of exploitation.