CVE-2026-11621 – Dcat-Admin User Setting upload editorMDUpload unrestricted upload

CVE ID :CVE-2026-11621

Published : June 9, 2026, 3:16 a.m. | 1 hour, 18 minutes ago

Description :A weakness has been identified in Dcat-Admin up to 2.2.3-beta. This impacts the function editorMDUpload of the file /admin/dcat-api/editor-md/upload of the component User Setting Page. This manipulation of the argument editormd-image-file causes unrestricted upload. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks.

Severity: 5.8 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-11620 – TOTOLINK EX200 vsftpd vsftpd.conf least privilege violation

CVE-2026-7556 – FV Flowplayer Video Player

CVE-2026-5714 – Enable Media Replace

CVE-2026-11619 – Dolibarr ERP CRM Legacy Filemanager config.inc.php improper authorization