{"id":"GHSA-4828-473v-37gh","summary":"Unrestricted Upload of File with Dangerous Type in MCMS","details":"MCMS v5.2.8 was discovered to contain an arbitrary file upload vulnerability.","aliases":["CVE-2022-31943"],"modified":"2023-11-08T04:09:33.372998Z","published":"2022-07-02T00:00:19Z","database_specific":{"github_reviewed_at":"2022-07-13T15:41:23Z","cwe_ids":["CWE-434"],"nvd_published_at":"2022-07-01T21:15:00Z","severity":"CRITICAL","github_reviewed":true},"references":[{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-31943"},{"type":"WEB","url":"https://github.com/ming-soft/MCMS/issues/95"},{"type":"PACKAGE","url":"https://github.com/ming-soft/MCMS"}],"affected":[{"package":{"name":"net.mingsoft:ms-mcms","ecosystem":"Maven","purl":"pkg:maven/net.mingsoft/ms-mcms"},"versions":["5.2.8"],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/07/GHSA-4828-473v-37gh/GHSA-4828-473v-37gh.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}