PT-2023-23658 · Apache +1 · Apache Jena +1

Name of the Vulnerable Software and Affected Versions: Apache Jena versions 3.7.0 through 4.8.0 Description: The issue is related to insufficient restrictions of called script functions in Apache Jena, allowing a remote user to execute javascript via a SPARQL query. Recommendations: For Apache Je...