High severity vulnerability that affects org.apache.syncope:syncope-core

2018-11-06T23:15:46
ID GHSA-QFJV-998W-Q48F
Type github
Reporter GitHub Advisory Database
Modified 2019-07-03T21:02:05

Description

An administrator with workflow definition entitlements can use DTD to perform malicious operations, including but not limited to file read, file write, and code execution.