2 matches found
CVE-2021-22855
The specific function of HR Portal of Soar Cloud System accepts any type of object to be deserialized. Attackers can send malicious serialized objects to execute arbitrary commands...
CVE-2021-22855
CVE-2021-22855 affects the HR Portal of Soar Cloud System, where the deserialization function accepts any object type, enabling execution of arbitrary commands. According to NVD data, this is a remote, high-severity issue (CVSS v3.1: 9.8, CRITICAL; CVSS v2.0: 7.5, HIGH) with network access, low a...