Lucene search
+L

4 matches found

NVD
NVD
added 2021/12/02 4:15 p.m.20 views

CVE-2021-23259

Authenticated users with Administrator or Developer roles may execute OS commands by Groovy Script which uses Groovy lib to render a webpage. The groovy script does not have security restrictions, which will cause attackers to execute arbitrary commands remotelyRCE...

7.2CVSS0.00703EPSS
Exploits0References1
OSV
OSV
added 2021/12/02 4:15 p.m.11 views

CVE-2021-23259

Authenticated users with Administrator or Developer roles may execute OS commands by Groovy Script which uses Groovy lib to render a webpage. The groovy script does not have security restrictions, which will cause attackers to execute arbitrary commands remotelyRCE...

7.2CVSS7.8AI score
Exploits0References1
Cvelist
Cvelist
added 2021/12/02 3:40 p.m.25 views

CVE-2021-23259 Groovy Sandbox Bypass

Authenticated users with Administrator or Developer roles may execute OS commands by Groovy Script which uses Groovy lib to render a webpage. The groovy script does not have security restrictions, which will cause attackers to execute arbitrary commands remotelyRCE...

4.2CVSS7.6AI score0.00703EPSS
Exploits0References1
CVE
CVE
added 2021/12/02 3:40 p.m.38 views

CVE-2021-23259

Crafter CMS vulnerability CVE-2021-23259 allows authenticated users with Administrator or Developer roles to execute OS commands via a Groovy Script that renders pages. The root cause is Groovy script execution without security restrictions, enabling remote command execution (RCE). This is descri...

7.2CVSS6.3AI score0.00703EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder