PT-2025-3449 · Unknown · Chestnutcms

Published 2025-02-03 · Updated 2025-02-03 · CVE-2024-57452

CVSS v3.1: 7.5 High

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions

ChestnutCMS versions <=1.5.0

Description

An arbitrary file deletion vulnerability in contentcore.controller.FileController allows attackers to delete any file or folder, potentially causing data loss.

Recommendations

For ChestnutCMS versions <=1.5.0, update to a version greater than 1.5.0 to resolve the issue. As a temporary workaround, consider restricting access to contentcore.controller.FileController to minimize the risk of exploitation.

Exploit

Fix

Files Accessible to External Parties

Weakness Enumeration

Related Identifiers

CVE-2024-57452

Affected Products

Chestnutcms