| 제목 | https://www.tongzhouyun.com/ https://gitee.com/agile-bpm/agile-bpm-basic v2.8 (the latest version code submitted as of 20250526) Code Injection |
|---|
| 설명 | The open source low-code rapid development platform "[agile-bpm/agile-bpm-basic](https://gitee.com/agile-bpm/agile-bpm-basic)" has a code execution vulnerability that allows attackers to execute arbitrary Groovy scripts to gain full control of the victim's server. |
|---|
| 원천 | ⚠️ https://github.com/honorseclab/vulns/blob/main/AgileBPM_agile-bpm-basic/RCE.md |
|---|
| 사용자 | Anonymous User |
|---|
| 제출 | 2025. 05. 27. AM 03:48 (1 년도 ago) |
|---|
| 모더레이션 | 2025. 06. 05. AM 07:14 (9 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 311167 [Shenzhen Dashi Tongzhou Information Technology AgileBPM 까지 2.5.0 Groovy Script SysScriptController.java executeScript script 권한 상승] |
|---|
| 포인트들 | 20 |
|---|