2 matches found
EUVD-2024-52835
Malicious code in bioql PyPI...
CVE-2024-55652 PwnDoc Server-Side Template Injection vulnerability - Sandbox Escape to RCE using custom filters
PenDoc is a penetration testing reporting application. Prior to commit 1d4219c596f4f518798492e48386a20c6e9a2fe6, an attacker can write a malicious docx template containing expressions that escape the JavaScript sandbox to execute arbitrary code on the system. An attacker who can control the...