RSS   Vulnerabilities for 'Cosin'   RSS

2019-01-22
 
CVE-2019-6503

CWE-502
 

 
There is a deserialization vulnerability in Chatopera cosin v3.10.0. An attacker can execute commands during server-side deserialization by uploading maliciously constructed files. This is related to the TemplateController.java impsave method and the MainUtils toObject method.

 


Copyright 2024, cxsecurity.com

 

Back to Top