openpsa/midcom is vulnerable to remote code execution (RCE) attacks. The library does not sanitize the json string before deserialization, allowing a malicious user to inject and execute arbitrary code through it.
CPE | Name | Operator | Version |
---|---|---|---|
openpsa/midcom | le | 9.4.0 |