CVE-2025-9406 | xuhuisheng lemon up to 1.13.0 CmsArticleController.java uploadImage Upload unrestricted upload (Issue 212)

A vulnerability marked as critical has been reported in xuhuisheng lemon up to 1.13.0. This affects the function uploadImage of the file CmsArticleController.java of the component com.mossle.cms.web.CmsArticleController.uploadImage. This manipulation of the argument Upload causes unrestricted upload.

This vulnerability is handled as CVE-2025-9406. The attack can be initiated remotely. Additionally, an exploit exists.VulDB Recent EntriesRead More