RSS   Vulnerabilities for
'Alfresco enterprise content management'
   RSS

2021-02-19
 
CVE-2020-12873

CWE-74
 

 
An issue was discovered in Alfresco Enterprise Content Management (ECM) before 6.2.1. A user with privileges to edit a FreeMarker template (e.g., a webscript) may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running Alfresco.

 

 >>> Vendor: Atlassian 44 Products
Confluence
JIRA
Fisheye
Bamboo
Crowd
Crucible
Hipchat
Jira core
Jira service desk
Jira integration for hipchat
Bitbucket
Hipchat server
Sourcetree
Oauth
Bitbucket auto unapprove plugin
Bitbucket server
Floodlight
Floodlight controller
Cloudtoken
Crowd2
Application links
Universal plugin manager
Jira service desk server
Troubleshooting and support
Saml single sign on
Subversion application lifecycle management
Jira software data center
Companion
Navigator links
Data center
Editor-core
Alfresco enterprise content management
Connect express
Connect spring boot
Jira server and data center
Jira service management
Confluence data center
Confluence server
Bitbucket data center
Jira data center
Jira server
Assets discovery data server
Assets discovery data center
Assets discovery cloud


Copyright 2024, cxsecurity.com

 

Back to Top