| Title | HOJ v4.6 exists python sandbox escape causing rce |
|---|
| Description | HOJ is a front-end and back-end separation, distributed architecture based on Vue and Spring Boot, Spring Cloud Alibaba builds the evaluation system based on Vue and Spring Boot, Spring Cloud Alibaba builds the front-end and back-end separation, distributed architecture evaluation system.
HOJ exists python sandbox escape causing rce.This vulnerability is caused by a failure to perform security checks on code submitted for evaluation.Developers can blacklist sensitive functions and reject the request when blacklisted functions are present in the submitted code |
|---|
| Source | ⚠️ https://github.com/payI0ad/cves/issues/1 |
|---|
| User | payIoad (UID 54726) |
|---|
| Submission | 09/16/2023 13:12 (3 years ago) |
|---|
| Moderation | 09/27/2023 10:08 (11 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 240365 [HimitZH HOJ up to 4.6-9a65e3f Topic sandbox] |
|---|
| Points | 20 |
|---|