CVE-2021-33523

CVE-2021-33523

MashZone NextGen through 10.7 GA allows a remote authenticated user, with access to the admin console, to upload a new JDBC driver that can execute arbitrary commands on the underlying host. This occurs in com.idsscheer.ppmmashup.business.jdbc.DriverUploadController.

Source: CVE-2021-33523

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다