2 matches found
Command Injection
Overview @budibase/types is a Budibase types Affected versions of this package are vulnerable to Command Injection via the public webhook endpoint. An attacker can execute arbitrary commands as the root user within the application container and exfiltrate sensitive environment secrets by sending...
CVE-2019-20888
An issue was discovered in Mattermost Server before 5.7, 5.6.3, 5.5.2, and 4.10.5. It allows attackers to cause a denial of service memory consumption via an outgoing webhook or a slash command integration...