The exploit has been disclosed to the public and may be used. The exploitation appears to be difficult. The complexity of an attack is rather high. The manipulation of the argument FilterExpression leads to code injection. Affected by this vulnerability is an unknown functionality of the file src/main/java/ml/shifu/shifu/core/DataPurifier.java of the component Java Expression Language Handler. The associated identifier of this vulnerability is VDB-249307.Ī vulnerability has been found in ShifuML shifu 0.12.0 and classified as critical. It is recommended to apply a patch to fix this issue. The manipulation leads to cross site scripting. Affected by this vulnerability is an unknown functionality of the file novel-admin/src/main/java/com/java2nb/novel/controller/FriendLinkController.java of the component Friendly Link Handler. VDB-249510 is the identifier assigned to this vulnerability.Ī vulnerability was found in Novel-Plus up to 4.2.0. It is possible to launch the attack remotely. The manipulation leads to code injection. Affected is the function FunctionService.saveFunction of the file src/main/java/org/spiderflow/controller/FunctionController.java. A vulnerability, which was classified as critical, was found in spider-flow 0.4.3.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |