CVE-2013-7285

CVE-2013-7285

Xstream API versions up to 1.4.6 and version 1.4.10, if the security framework has not been initialized, may allow a remote attacker to run arbitrary shell commands by manipulating the processed input stream when unmarshaling XML or any supported format. e.g. JSON.

Source: CVE-2013-7285

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다