CNNVD-202512-3229 Information

CNNVD ID

CNNVD-202512-3229

Related CVE

CVE-2023-53923

• CNNVD Published: 2025-12-17

Description (Chinese)

UliCMS是UliCMS开源的一个内容管理系统（CMS）。该系统支持访问控制和所见即所得编辑等功能。 UliCMS 2023.1版本存在安全漏洞，该漏洞源于未经验证的攻击者可通过UserController端点创建管理员账户，可能导致权限提升。

Description (English)

UlICMS is a UliCMS open source content management system (CMS). The system supports features such as access control and the resulting editing. UliCMS version 2023.1 contains a security loophole that originates from uncertified assailants who can create administrator accounts through the UserController endpoint, which may lead to enhanced privileges.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

UliCMS

Published

2025-12-17

Last Modified

2026-02-24

References

https://www.exploit-db.com/exploits/51433 https://en.ulicms.de/ https://web.archive.org/web/20230314183734/ https://www.vulncheck.com/advisories/ulicms-privilege-escalation-via-unauthenticated-admin-account-creation https://access.redhat.com/security/cve/cve-2023-53923