10 matches found
CVE-2022-24881
Ballcat Codegen provides the function of online editing code to generate templates. In versions prior to 1.0.0.beta.2, attackers can implement remote code execution through malicious code injection of the template engine. This happens because Velocity and freemarker templates are introduced but...
GHSA-FV3M-XHQW-9M79 ballcat-codegen template engine remote code execution injection
Impact Ballcat Codegen provides the function of online editing code to generate templates. In version 1.0.0.beta.2, since Velocity and freemarker templates are introduced but input verification is not done, attackers can implement remote code execution through malicious code injection of the...
ballcat-codegen template engine remote code execution injection
Impact Ballcat Codegen provides the function of online editing code to generate templates. In version 1.0.0.beta.2, since Velocity and freemarker templates are introduced but input verification is not done, attackers can implement remote code execution through malicious code injection of the...
CVE-2022-24881
Ballcat Codegen provides the function of online editing code to generate templates. In versions prior to 1.0.0.beta.2, attackers can implement remote code execution through malicious code injection of the template engine. This happens because Velocity and freemarker templates are introduced but...
Code injection
Ballcat Codegen provides the function of online editing code to generate templates. In versions prior to 1.0.0.beta.2, attackers can implement remote code execution through malicious code injection of the template engine. This happens because Velocity and freemarker templates are introduced but...
CVE-2022-24881 Command Injection in Ballcat Codegen
Ballcat Codegen provides the function of online editing code to generate templates. In versions prior to 1.0.0.beta.2, attackers can implement remote code execution through malicious code injection of the template engine. This happens because Velocity and freemarker templates are introduced but...
CVE-2022-24881 Command Injection in Ballcat Codegen
Ballcat Codegen provides the function of online editing code to generate templates. In versions prior to 1.0.0.beta.2, attackers can implement remote code execution through malicious code injection of the template engine. This happens because Velocity and freemarker templates are introduced but...
CVE-2022-24881 Command Injection in Ballcat Codegen
Ballcat Codegen provides the function of online editing code to generate templates. In versions prior to 1.0.0.beta.2, attackers can implement remote code execution through malicious code injection of the template engine. This happens because Velocity and freemarker templates are introduced but...
CVE-2022-24881
CVE-2022-24881 concerns Ballcat Codegen. Affected versions prior to 1.0.0.beta.2 allow remote code execution via malicious code injection in the template engine, caused by using Velocity and Freemarker templates without proper input verification. The issue is fixed in 1.0.0.beta.2. Public sources...
Ballcat Codegen 输入验证错误漏洞
BallCat Codegen is a code generator for BallCat. A security vulnerability exists in Ballcat Codegen that allows an attacker to achieve remote code execution via malicious code injection from the template engine. This occurs due to the introduction of Velocity and freemarker templates without...