Enviar #585127: https://www.tongzhouyun.com/ https://gitee.com/agile-bpm/agile-bpm-basic v2.8 (the latest version code submitted as of 20250526) Codeinformación

Títulohttps://www.tongzhouyun.com/ https://gitee.com/agile-bpm/agile-bpm-basic v2.8 (the latest version code submitted as of 20250526) Code
DescripciónThe open source low-code rapid development platform "[agile-bpm/agile-bpm-basic](https://gitee.com/agile-bpm/agile-bpm-basic)" has a FreeMarker SSTI vulnerability that allows attackers to execute arbitrary FreeMarker code to gain full control of the victim's server.
Fuente⚠️ https://github.com/honorseclab/vulns/blob/main/AgileBPM_agile-bpm-basic/RCE2.md
Usuario
 Anonymous User
Sumisión2025-05-27 04:40 (hace 1 Año)
Moderación2025-06-05 07:14 (9 days later)
EstadoAceptado
Entrada de VulDB311166 [Shenzhen Dashi Tongzhou Information Technology AgileBPM hasta 2.5.0 SysToolsController.java parseStrByFreeMarker str escalada de privilegios]
Puntos20

AnteriorVisión De ConjuntoPróximo

Interested in the pricing of exploits?

See the underground prices here!