29Ara
CVE-2023-52085 | Winter CMS up to 1.2.3 ColorPicker FormWidget path traversal (GHSA-2x7r-93ww-cxrq)
A vulnerability classified as critical has been found in Winter CMS up to 1.2.3. Affected is an unknown function of the component ColorPicker FormWidget Handler. The manipulation leads to path traversal. This vulnerability is traded as CVE-2023-52085. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.