2 matches found
Remote Code Execution (RCE)
Apache Syncope is vulnerable to Remote Code Execution RCE. The vulnerability is due to unsafe handling of custom Groovy implementations, where a malicious administrator can inject Groovy code that is executed by the Syncope Core at runtime, enabling remote code execution until sandboxing is...
EUVD-2021-7265
Malicious code in bioql PyPI...