2 matches found
Arbitrary Code Injection
Overview locutus is a Locutus other languages' stadard libraries to JavaScript for fun and educational purposes Affected versions of this package are vulnerable to Arbitrary Code Injection via the createfunctionargs, code function. An attacker can execute arbitrary code by supplying unsanitized...
Improper Isolation or Compartmentalization
Overview org.apache.syncope.core:syncope-core-provisioning-java is an Open Source system for managing digital identities in enterprise environments, implemented in Java EE technology and released under Apache 2.0 license. Affected versions of this package are vulnerable to Improper Isolation or...