Kategori: NIST-Təhlükəsizlik Zəiflikləri

CVE-2021-23258

Authenticated users with Administrator or Developer roles may execute OS commands by SPEL Expression in Spring beans. SPEL Expression does not have security restrictions, which…

Devamını oku

CVE-2021-23263

Unauthenticated remote attackers can read textual content via FreeMarker including files /scripts/*, /templates/* and some of the files in /.git/* (non-binary). Devamını Oku

Devamını oku