CVE-2021-46386: Mingsoft MCMS vulnerable to Remote Code Execution via file upload.

Severity: Critical

CVSS Score: 9.8

File upload vulnerability in mingSoft MCMS through 5.2.5, allows remote attackers to execute arbitrary code via a crafted jspx webshell to net.mingsoft.basic.action.web.FileAction#upload.