GHSA-VR35-JM2F-8WG2 Apache Syncope Vulnerable to Exposure of Sensitive Information Through Data Queries
Exposure of Sensitive Information Through Data Queries vulnerability in Apache Syncope. An administrator with adequate entitlements for Derived Schemas can create a malicious JEXL expression which allows any administrator with sufficient entitlements for User read to access User-related...