Lucene search

K
redhatcveRedhat.comRH:CVE-2020-5529
HistorySep 23, 2021 - 5:59 p.m.

CVE-2020-5529

2021-09-2317:59:22
redhat.com
access.redhat.com
23
htmlunit
code execution
vulnerability
rhino engine
javascript
java
android application

EPSS

0.004

Percentile

73.5%

HtmlUnit prior to 2.37.0 contains code execution vulnerabilities. HtmlUnit initializes Rhino engine improperly, hence a malicious JavScript code can execute arbitrary Java code on the application. Moreover, when embedded in Android application, Android-specific initialization of Rhino engine is done in an improper way, hence a malicious JavaScript code can execute arbitrary Java code on the application.