CVE-2018-1321

Posted on 2018년 3월 21일2018년 3월 21일 by admin

CVE-2018-1321

An administrator with report and template entitlements in Apache Syncope 1.2.x before 1.2.11 and 2.0.x before 2.0.8 can use XSL Transformations (XSLT) to perform malicious operations, including but not limited to file read, file write, and code execution.

Source: CVE-2018-1321

답글 남기기 응답 취소