Vulnerability CVE-2020-1956


Published: 2020-05-22

Description:
Kylin has some restful apis which will concatenate os command with the user input string, a user is likely to be able to execute any os command without any protection or validation.

 References:
https://lists.apache.org/thread.html/r1332ef34cf8e2c0589cf44ad269fb1fb4c06addec6297f0320f5111d%40%3Cuser.kylin.apache.org%3E

Copyright 2020, cxsecurity.com

 

Back to Top