CVE-2019-10100

CVE-2019-10100

In JetBrains YouTrack Confluence plugin versions before 1.8.1.3, it was possible to achieve Server Side Template Injection. The attacker could add an Issue macro to the page in Confluence, and use a combination of a valid id field and specially crafted code in the link-text-template field to execute code remotely.

Source: CVE-2019-10100

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다