CVE-2021-41280

Sharetribe Go is a source available marketplace software. In affected versions operating system command injection is possible on installations of Sharetribe Go, that do not have a secret AWS Simple Notification Service SNS notification token configured via the snsnotificationtoken configuration...

Sharetribe Go 操作系统命令注入漏洞

Sharetribe Go is a source-available marketplace software from the Sharetribe team. An OS command injection vulnerability exists in versions of Sharetribe Go prior to 10.2.1, users who are unable to upgrade should set the snsnotificationtoken configuration parameter to a confidential value...