3 matches found
CVE-2023-49964
An issue was discovered in Hyland Alfresco Community Edition through 7.2.0. By inserting malicious content in the folder.get.html.ftl file, an attacker may perform SSTI Server-Side Template Injection attacks, which can leverage FreeMarker exposed objects to bypass restrictions and achieve RCE...
CVE-2023-49964
Hyland Alfresco Community Edition (up to v7.2.0) is affected by CVE-2023-49964 due to an SSTI flaw in the folder.get.html.ftl FreeMarker template. An attacker who can insert malicious content into that template may leverage FreeMarker exposed objects to bypass restrictions and achieve Remote Code...
Exploit for Injection in Hyland Alfresco_Content_Services
CVE-2023-49964: FreeMarker Server-Side Template Injection in A...