CVE-2022-48584

A command injection vulnerability exists in the download and convert report feature of the ScienceLogic SL1 that takes unsanitized user?controlled input and passes it directly to a shell command. This allows for the injection of arbitrary commands to the underlying operating system.

Source: CVE-2022-48584