dotCMS Data Breach
dotCMS experienced a data breach that was reported on August 25, 2022. dotCMS ContentResource API contains an unrestricted upload of file with a dangerous type vulnerability that allows for directory traversal, in which the file is saved outside of the intended storage l
Key Facts
- Organization
- dotCMS
- Date Reported
- August 25, 2022
- Incident Type
- ransomware
- Industry
- Technology
- Severity Score
- 6/10
- Confidence Level
- high
- Tags
Source
View original source - External link to primary source documentation
Understanding ransomware Incidents
Ransomware attacks encrypt organizational data and demand payment for recovery. They often involve data exfiltration before encryption, enabling double extortion. Organizations should maintain offline backups and incident response plans.