CVE-2021-40089
PrimeKey EJBCA up to version 7.6.0 is affected by a logic flaw in the General Purpose Custom Publisher. The publisher, which is intended to invoke a local script during publishing, could still execute when the System Configuration setting Enable External Script Access is disabled. This means that...