Количество 2
Количество 2
CVE-2019-19999
около 6 лет назад
Halo before 1.2.0-beta.1 allows Server Side Template Injection (SSTI) because TemplateClassResolver.SAFER_RESOLVER is not used in the FreeMarker configuration.
CVSS3: 7.2
EPSS: Низкий
GHSA-x8hw-99fp-gmh6
больше 3 лет назад
Halo before 1.2.0-beta.1 allows Server Side Template Injection (SSTI) because TemplateClassResolver.SAFER_RESOLVER is not used in the FreeMarker configuration.
CVSS3: 7.2
EPSS: Низкий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-19999 Halo before 1.2.0-beta.1 allows Server Side Template Injection (SSTI) because TemplateClassResolver.SAFER_RESOLVER is not used in the FreeMarker configuration. | CVSS3: 7.2 | 0% Низкий | около 6 лет назад |
| GHSA-x8hw-99fp-gmh6 Halo before 1.2.0-beta.1 allows Server Side Template Injection (SSTI) because TemplateClassResolver.SAFER_RESOLVER is not used in the FreeMarker configuration. | CVSS3: 7.2 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу
20