Lucene search
ApacheCVELIST:CVE-2018-1321HistoryMar 21, 2018 - 12:00 a.m.
CVE-2018-1321
2018-03-2100:00:00
apache
www.cve.org
An administrator with report and template entitlements in Apache Syncope 1.2.x before 1.2.11, 2.0.x before 2.0.8, and unsupported releases 1.0.x and 1.1.x which may be also affected, can use XSL Transformations (XSLT) to perform malicious operations, including but not limited to file read, file write, and code execution.
CNA Affected
[
{
"product": "Apache Syncope",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "Releases prior to 1.2.11, Releases prior to 2.0.8"
},
{
"status": "affected",
"version": "The unsupported Releases 1.0.x, 1.1.x may be also affected."
}
]
}
]Related
osv
osv
CVE-2018-1321
2018-03-20 17:29:00
High severity vulnerability that affects org.apache.syncope:syncope-core
2018-11-06 23:17:27
github
github
High severity vulnerability that affects org.apache.syncope:syncope-core
2018-11-06 23:17:27
nvd
nvd
CVE-2018-1321
2018-03-20 17:29:00
prion
prion
Remote code execution
2018-03-20 17:29:00
cve
cve
CVE-2018-1321
2018-03-21 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2018-03-20 02:35:09
zdt
zdt
Apache Syncope 2.0.7 Remote Code Execution Exploit
2018-09-15 00:00:00
exploitpack
exploitpack
Apache Syncope 2.0.7 - Remote Code Execution
2018-09-13 00:00:00
f5
f5
K49033153 : Apache Syncope vulnerabilities CVE-2018-1321 and CVE-2018-1322
2018-07-17 00:00:00
packetstorm
packetstorm
Apache Syncope 2.0.7 Remote Code Execution
2018-09-15 00:00:00
exploitdb
exploitdb
Apache Syncope 2.0.7 - Remote Code Execution
2018-09-13 00:00:00