FitNesse all releases allows a remote authenticated attacker to execute arbitrary OS commands. Note: A contributor of FitNesse has claimed that this is not a vulnerability but a product specification and this is currently under further investigation.
References
Configurations
No configuration.
History
21 Nov 2024, 09:05
Type | Values Removed | Values Added |
---|---|---|
References | () http://fitnesse.org/FitNesseDownload - | |
References | () https://github.com/unclebob/fitnesse - | |
References | () https://github.com/unclebob/fitnesse/blob/master/SECURITY.md - | |
References | () https://jvn.jp/en/jp/JVN94521208/ - |
10 Oct 2024, 02:15
Type | Values Removed | Values Added |
---|---|---|
Summary | (en) FitNesse all releases allows a remote authenticated attacker to execute arbitrary OS commands. Note: A contributor of FitNesse has claimed that this is not a vulnerability but a product specification and this is currently under further investigation. | |
CWE | CWE-78 |
28 Aug 2024, 16:35
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-77 | |
Summary |
|
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
18 Mar 2024, 08:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-03-18 08:15
Updated : 2024-11-21 09:05
NVD link : CVE-2024-28125
Mitre link : CVE-2024-28125
CVE.ORG link : CVE-2024-28125
JSON object : View
Products Affected
No product.