RSS   Vulnerabilities for 'Glot-www'   RSS

2019-06-21
 
CVE-2018-15747

CWE-20
 

 
The default configuration of glot-www through 2018-05-19 allows remote attackers to execute arbitrary code because glot-code-runner supports os.system within a "python" "files" "content" JSON file.

 


Copyright 2024, cxsecurity.com

 

Back to Top