CVE-2017-16670

The project import functionality in SoapUI 5.3.0 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL project file.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:smartbear:soapui:5.3.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-02-19 19:29

Updated : 2024-02-04 19:46


NVD link : CVE-2017-16670

Mitre link : CVE-2017-16670

CVE.ORG link : CVE-2017-16670


JSON object : View

Products Affected

smartbear

  • soapui
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')