Remote code execution

2020-12-3021:15:00

PRIOn knowledge base

www.prio-n.com

9.7 High

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.6%

JsLink in Webswing before 2.6.12 LTS, and 2.7.x and 20.x before 20.1, allows remote code execution.

CPENameOperatorVersion
webswinglt2.6.12
webswingge2.7
webswinglt20.1

Name	Operator	Version
webswing	lt	2.6.12
webswing	ge	2.7
webswing	lt	20.1

References

bitbucket.org/meszarv/webswing/issues/375/webswing-jslink-mechanism-remote-code

www.webswing.org/docs/2.6/discover/release_notes.html