An issue in zzCMS v.2023 allows a remote malicious user to execute arbitrary code and obtain sensitive information via the ueditor component in controller.php.
zzcms zzcms 2023