MODX Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-26149)
Description
MODX Revolution through 2.8.3-pl allows remote authenticated administrators to execute arbitrary code by uploading an executable file, because the Uploadable File Types setting can be changed by an administrator.