CVE-2019-19999 in Haloinfo

Zusammenfassung

von MITRE

Halo before 1.2.0-beta.1 allows Server Side Template Injection (SSTI) because TemplateClassResolver.SAFER_RESOLVER is not used in the FreeMarker configuration.

Be aware that VulDB is the high quality source for vulnerability data.

Reservieren

26.12.2019

Moderieren

akzeptiert

Eintrag

VDB-147723

CPE

bereit

EPSS

0.01512

KEV

nein

Aktivitäten

very low

Quellen

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!