exploitDog
GHSA-764h-r5xf-7cf5

Published: 24 May 2022
Source: github
GitHub: not reviewed

Description

OrbiTeam BSCW Classic before 7.4.3 allows exportpdf authenticated remote code execution (RCE) via XML tag injection because reportlab\platypus\paraparser.py (reached via bscw.cgi op=_editfolder.EditFolder) calls eval on attacker-supplied Python code. This is fixed in 5.0.12, 5.1.10, 5.2.4, 7.3.3, and 7.4.3.

EPSS

Percentile: 89%
0.04884
Low

Weaknesses

CWE-91

Related vulnerabilities

CVSS3: 8.8
nvd
more than 4 years ago