akeneo/pim-community-dev is vulnerable to arbitrary code injection. The vulnerability exists in Location
parameter in httpd.conf
because of not properly validate user inputs which allows an attacker to inject and execute malicious code into the system.
github.com/akeneo/pim-community-dev/blob/b4d79bb073c8b68ea26ab227c97cc78d86c4cba1/docker/httpd.conf#L39
github.com/akeneo/pim-community-dev/commit/891a2f70a9a200f199de06fe64d376d03787a81a
github.com/akeneo/pim-community-dev/commit/a53e16c8ee686641d8f69ca8ba68df7893828070
github.com/akeneo/pim-community-dev/pull/18543
github.com/akeneo/pim-community-dev/releases/tag/v6.0.53
github.com/akeneo/pim-community-dev/security/advisories/GHSA-w9wc-4xcq-8gr6