Key vulnerability information

Issue: SI-48
Published: Jan 10, 2019
Title: File Upload Vulnerability
Severity: Medium
Requires Admin: Yes
Fix Versions: TBD
Credit: Johannes Moritz - RIPS TECHNOLOGIES GMBH

Description
A specific dotCMS REST endpoint can be used to create files on the server's filesystem. To exploit this vulnerability, the user must be logged into the dotCMS backend with administrator permissions.

Mitigation
dotCMS should always be run as a user that has access only to the parts of the filesystem needed to run dotCMS. Those limited permissions keep this vulnerability from being used to create files outside of the dotCMS / Tomcat directory structure.
Use the csrfFilter OSGi plugin to restrict access to the vulnerable URLs: https://github.com/dotCMS/com.dotcms.csrfFilter

Issue Links: https://github.com/dotCMS/core/issues/15812
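The filesystem mitigation above only helps if the dotCMS service account really cannot write outside its own tree. The script below is an added example for verifying that, not part of the advisory or of the dotCMS code base: run it as the account that owns the Tomcat process and it lists which of a set of sensitive directories that account can write to. The install root `/opt/dotcms`, the webapps path and the list of "outside" directories are assumptions; adjust them to the host being checked.

```shell
#!/bin/sh
# Added example (not from the dotCMS advisory or project): confirm that the
# account running dotCMS/Tomcat cannot create files outside the dotCMS tree.
# Run it as that account, e.g.  su -s /bin/sh dotcms -c 'sh check_dotcms_fs.sh'

# report_writable DIR...  -> prints each argument that exists as a directory
# and is writable by the current user (one per line).
report_writable() {
    for d in "$@"; do
        if [ -d "$d" ] && [ -w "$d" ]; then
            printf '%s\n' "$d"
        fi
    done
}

# count_writable DIR...  -> number of writable directories among the arguments.
count_writable() {
    report_writable "$@" | wc -l | tr -d ' '
}

# tomcat_users -> distinct user names that own a running catalina (Tomcat) process.
# Prints nothing if Tomcat is not running on this host.
tomcat_users() {
    ps -eo user=,args= | grep '[c]atalina' | awk '{print $1}' | sort -u
}

# Hypothetical install root; dotCMS ships inside a Tomcat tree.
DOTCMS_HOME="${DOTCMS_HOME:-/opt/dotcms}"
# Assumed path of the web application inside that tree.
DOTCMS_WEBAPPS="$DOTCMS_HOME/dotserver/tomcat/webapps"

# Assumed list of places an attacker would want to drop files if the
# endpoint were abused: cron drop-ins, PATH directories, home directories.
OUTSIDE="/etc/cron.d /usr/local/bin /var/spool/cron /root /home"

echo "current user: $(id -un)"
if [ "$(id -un)" = root ]; then
    echo "WARNING: running as root; root bypasses permission checks and dotCMS should not run as root" >&2
fi

echo "tomcat runs as: $(tomcat_users | tr '\n' ' ')"

# The app's own directory is expected to be writable by the service account.
echo "writable inside dotCMS tree (expected):"
report_writable "$DOTCMS_WEBAPPS"

# Anything listed here means the mitigation is not in place.
echo "writable outside dotCMS tree (should be empty):"
report_writable $OUTSIDE
echo "count outside: $(count_writable $OUTSIDE)"
```

A non-zero "count outside" means an administrator-level attacker abusing the endpoint could write beyond the dotCMS / Tomcat tree on that host, so the directory ownership or the service account's group memberships need tightening before relying on this mitigation.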