CVE-2021-41280

Sharetribe Go is a source available marketplace software. In affected versions operating system command injection is possible on installations of Sharetribe Go, that do not have a secret AWS Simple Notification Service SNS notification token configured via the snsnotificationtoken configuration...

CVE-2021-41280 OS command injection in Sharetribe Go

Sharetribe Go is a source available marketplace software. In affected versions operating system command injection is possible on installations of Sharetribe Go, that do not have a secret AWS Simple Notification Service SNS notification token configured via the snsnotificationtoken configuration...

CVE-2021-41280

CVE-2021-41280 affects Sharetribe Go (OS configuration) where an operating system command injection is possible in affected versions that do not configure the secret SNS notification token via the sns_notification_token parameter. The issue is mitigated by upgrading to version 10.2.1, where the p...

Sharetribe Go 操作系统命令注入漏洞

Sharetribe Go is a source-available marketplace software from the Sharetribe team. An OS command injection vulnerability exists in versions of Sharetribe Go prior to 10.2.1, users who are unable to upgrade should set the snsnotificationtoken configuration parameter to a confidential value...