CVE-2022-32065

Description

An arbitrary file upload vulnerability in the background management module of RuoYi v4.7.3 and below allows attackers to execute arbitrary code via a crafted HTML file.

Risk Information

Base Score

5.4

MODERATE

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

EPSS Score

Exploitation Probability

0.447

Associated Vulnerability

Vulnerability	OS Platform
Vulnerabilities CVE-2022-32065 are fixed in RuoYi-ruoyi 4.7.4	Windows
Vulnerabilities CVE-2022-32065 are fixed in RuoYi-ruoyi for Linux 4.7.4	Linux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234