إرسال #585127: https://www.tongzhouyun.com/ https://gitee.com/agile-bpm/agile-bpm-basic v2.8 (the latest version code submitted as of 20250526) Codeالمعلومات

عنوانhttps://www.tongzhouyun.com/ https://gitee.com/agile-bpm/agile-bpm-basic v2.8 (the latest version code submitted as of 20250526) Code
الوصفThe open source low-code rapid development platform "[agile-bpm/agile-bpm-basic](https://gitee.com/agile-bpm/agile-bpm-basic)" has a FreeMarker SSTI vulnerability that allows attackers to execute arbitrary FreeMarker code to gain full control of the victim's server.
المصدر⚠️ https://github.com/honorseclab/vulns/blob/main/AgileBPM_agile-bpm-basic/RCE2.md
المستخدم
 Anonymous User
ارسال27/05/2025 04:40 AM (1 سنة منذ)
الاعتدال05/06/2025 07:14 AM (9 days later)
الحالةتمت الموافقة
إدخال VulDB311166 [Shenzhen Dashi Tongzhou Information Technology AgileBPM حتى 2.5.0 SysToolsController.java parseStrByFreeMarker str تجاوز الصلاحيات]
النقاط20

التالي نظرة عامة السابق

Do you know our Splunk app?

Download it now for free!