PT-2022-9890 · Unknown · Geonetwork

Name of the Vulnerable Software and Affected Versions: GeoNetwork versions 3.4.0 through 3.12.0 GeoNetwork versions 4.0.0 through 4.0.3 Description: A privileged attacker can use the directory harvester before-script to execute arbitrary OS commands remotely on the hosting infrastructure. This...