CVE-2023-51282

HIGH

mingSoft MCMS <5.2.4 - Info Disclosure

Title source: llm

An issue in mingSoft MCMS v.5.2.4 allows a a remote attacker to obtain sensitive information via a crafted script to the password parameter.

gitee 32,018 stars

by mingSoft · javawriteup

CVSS v3 7.5

EPSS 0.0021

EPSS Percentile 42.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE

CWE-94

Status published

Products (2)

mingsoft/mcms 5.2.4

net.mingsoft/ms-mcms 0Maven

Published Jan 16, 2024

Tracked Since Feb 18, 2026