What is GHSA-65gp-g5gj-7rfh?

GHSA-65gp-g5gj-7rfh is a security advisory published by GitHub Security Advisories with Medium severity. A vulnerability was determined in Metasoft 美特软件 MetaCRM up to 6.4.0 Beta06. This impacts an...

Which CVE IDs does GHSA-65gp-g5gj-7rfh cover?

GHSA-65gp-g5gj-7rfh covers the following CVE IDs: CVE-2026-8758. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-65gp-g5gj-7rfh?

GHSA-65gp-g5gj-7rfh has a CVSS v3 base score of 7.3, published by GitHub Security Advisories.

GHSA-65gp-g5gj-7rfhMediumCVSS 7.3

A vulnerability was determined in Metasoft 美特软件 MetaCRM up to 6.4.0 Beta06. This impacts an...

Vendor

GitHub Security Advisories

Published

May 17, 2026

Last Modified

May 17, 2026

🔗 CVE IDs covered (1)

CVE-2026-8758 →

📋 Description

A vulnerability was determined in Metasoft 美特软件 MetaCRM up to 6.4.0 Beta06. This impacts an unknown function of the file /common/jsp/upload3.jsp. Executing a manipulation of the argument File can lead to unrestricted upload. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

🔗 References (6)

https://nvd.nist.gov/vuln/detail/CVE-2026-8758
https://ucn9h68n9289.feishu.cn/wiki/XmoNwpJjJiQrBtkLMitccF56ntb
https://vuldb.com/submit/811283
https://vuldb.com/vuln/364385
https://vuldb.com/vuln/364385/cti
https://github.com/advisories/GHSA-65gp-g5gj-7rfh