CVE

CVE-2018-1321

admin

CVE-2018-1321

An administrator with report and template entitlements in Apache Syncope 1.2.x before 1.2.11 and 2.0.x before 2.0.8 can use XSL Transformations (XSLT) to perform malicious operations, including but not limited to file read, file write, and code execution.

Source: CVE-2018-1321

Exit mobile version