PT-2023-31501 · Dedecms · Dedecms
Bayuncao · Published 2023-09-16 · Updated 2024-05-17 · CVE-2023-5022
CVSS v3.1: 8.8 High
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
DedeCMS versions up to 5.7.100
Description
A critical issue has been found in DedeCMS, affecting an unknown functionality of the file /include/dialog/select_templets_post.php. The manipulation of the activepath argument leads to absolute path traversal.
Recommendations
For DedeCMS versions up to 5.7.100, update to a version later than 5.7.100 to resolve the issue. As a temporary workaround, consider restricting access to the /include/dialog/select_templets_post.php file until a patch is available. Avoid manipulating the activepath argument in the affected file to minimize the risk of exploitation.
Fix
Weakness Enumeration
Related Identifiers
Affected Products
Dedecms