CVE

CVE-2021-32828

CVE-2021-32828

The Nuxeo Platform is an open source content management platform for building business applications. In version 11.5.109, the `oauth2` REST API is vulnerable to Reflected Cross-Site Scripting (XSS). This XSS can be escalated to Remote Code Execution (RCE) by levering the automation API.

Source: CVE-2021-32828

Exit mobile version