Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:34790
HistoryMar 22, 2022 - 9:02 a.m.

Arbitrary Code Injection

2022-03-2209:02:27
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
accesslog
arbitrary code injection
compile function
javascript
vulnerability
software

EPSS

0.007

Percentile

80.0%

JSON

accesslog is vulnerable to arbitrary code injection. The vulnerability exists in compile function in compile.js due to lack of sanitization of inputs which allows an attacker to inject and execute arbitrary javascript code.

Related

cvelist 1
cve 1
osv 1
nvd 1
prion 1
github 1
cvelist
cvelist
CVE-2022-25760 Arbitrary Code Injection
2022-03-17 11:20:27
cve
cve
CVE-2022-25760
2022-03-17 12:15:08
osv
osv
Code injection in accesslog
2022-03-18 00:01:10
nvd
nvd
CVE-2022-25760
2022-03-17 12:15:08
prion
prion
Code injection
2022-03-17 12:15:00
github
github
Code injection in accesslog
2022-03-18 00:01:10

EPSS

0.007

Percentile

80.0%

JSON
Related for VERACODE:34790
cvelist1cve1osv1nvd1prion1github1