CVE-2026-4953 in mingSoft MCMS
Résumé (Anglaise)
A weakness has been identified in mingSoft MCMS 迄 5.5.0. This issue affects the function catchImage of the file net/mingsoft/cms/action/BaseAction.java of the component Editor Endpoint. Executing a manipulation of the argument catchimage can lead to server-side request forgery. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks.
Divulgation
27/03/2026
Entrées
| ID | Vulnérabilité | CWE | Base | Temp | 0day | Aujourd'hui | Exp | KEV | EPSS | CTI | Con | CVE |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 353831 | mingSoft MCMS Editor BaseAction.java catchImage élévation de privilèges | 918 | 7.3 | 6.6 | $0-$5k | $0-$5k | Preuve de concept | 0.00038 | 1.43 | Non défini | CVE-2026-4953 |