How severe is CVE-2024-13022?

CVE-2024-13022 has a CVSS v3 score of 6.3 (MEDIUM).

CVE-2024-13022

Name: tarzan-cms
Author: taisan

6.3MEDIUM

A vulnerability, which was classified as critical, was found in taisan tarzan-cms 1.0.0. This affects the function UploadResponse of the file src/main/java/com/tarzan/cms/modules/admin/controller/comm

Published: 12/29/2024Updated: 8/21/2025

Description

A vulnerability, which was classified as critical, was found in taisan tarzan-cms 1.0.0. This affects the function UploadResponse of the file src/main/java/com/tarzan/cms/modules/admin/controller/common/UploadController.java of the component Article Management. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

AI AnalysisPowered by AI

Affected Products

taisantarzan-cms

1.0.0

References

https://gitee.com/taisan/tarzan-cms/issues/IBCUPG
ExploitIssue Tracking
https://vuldb.com/?ctiid.289713
Permissions RequiredVDB Entry
https://vuldb.com/?id.289713
Third Party AdvisoryVDB Entry
https://vuldb.com/?submit.467471
Third Party AdvisoryVDB Entry