CVE-2013-4330

2013-10-04T17:55:00
ID CVE-2013-4330
Type cve
Reporter cve@mitre.org
Modified 2019-05-24T11:29:00

Description

Apache Camel before 2.9.7, 2.10.0 before 2.10.7, 2.11.0 before 2.11.2, and 2.12.0 allows remote attackers to execute arbitrary simple language expressions by including "$simple{}" in a CamelFileName message header to a (1) FILE or (2) FTP producer.