2 matches found
CVE-2021-32828 Regular expression Denial of Service in MooTools
The Nuxeo Platform is an open source content management platform for building business applications. In version 11.5.109, the oauth2 REST API is vulnerable to Reflected Cross-Site Scripting XSS. This XSS can be escalated to Remote Code Execution RCE by levering the automation API...
CVE-2021-32828
The CVE-2021-32828 entry affects Nuxeo Platform 11.5.109, where the oauth2 REST API is vulnerable to Reflected XSS, which can be escalated to Remote Code Execution (RCE) via the automation API. The available connected documents confirm the affected software/component and the root cause/impact. Re...