Shopware 代码注入漏洞

Shopware is a suite of open source e-commerce software from German company Shopware. A code injection vulnerability exists in Shopware versions prior to 6.7.6.1, which stems from a regression of the CVE-2023-2017 vulnerability causing arrays and specially crafted PHP closures to not be checked...

GHSA-62PM-MGRH-7P69 Incorrect Authorization in Jenkins Script Security Plugin

A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.67 and earlier related to the handling of default parameter expressions in closures allowed attackers to execute arbitrary code in sandboxed scripts...