Soabase Exhibitor UI Config Command Injection (CVE-2019-5029)
A command injection vulnerability exists in Soabase Exhibitor, an open source project from Netflix. The vulnerability is due to improper validation of user-supplied input in the Config tab of Exhibitor web interface. A remote unauthenticated attacker can exploit the vulnerability by sending craft...