Description
Multiple SQL injection vulnerabilities in the User Manager service in Apache Jetspeed before 2.3.1 allow remote attackers to execute arbitrary SQL commands via the (1) role or (2) user parameter to services/usermanager/users/.
Remediation
Upgrade to Apache Jetspeed 2.3.1 or later; the affected versions are those before 2.3.1, and the vendor security report for CVE-2016-0710 (linked below) covers the fixed release.
References
http://haxx.ml/post/140552592371/remote-code-execution-in-apache-jetspeed-230-and
http://packetstormsecurity.com/files/136489/Apache-Jetspeed-Arbitrary-File-Upload.html
http://www.rapid7.com/db/modules/exploit/multi/http/apache_jetspeed_file_upload
https://mail-archives.apache.org/mod_mbox/portals-jetspeed-user/201603.mbox/%3C046318A1-226E-453F-9394-B84F1A33E6A4%40bluesunrise.com%3E
https://portals.apache.org/jetspeed-2/security-reports.html#CVE-2016-0710
https://www.exploit-db.com/exploits/39643/
Related Vulnerabilities
CVE-2023-33187 Vulnerability in npm package highlight.run
CVE-2018-3753 Vulnerability in npm package merge-objects
CVE-2018-16469 Vulnerability in maven package org.webjars.npm:merge
CVE-2022-23619 Vulnerability in maven package org.xwiki.platform:xwiki-platform-web
CVE-2023-37957 Vulnerability in maven package io.jenkins.plugins:pipeline-restful-api