Description
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker static methods.
Remediation
References
https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051603
Related Vulnerabilities
CVE-2023-32992 Vulnerability in maven package io.jenkins.plugins:miniorange-saml-sp
CVE-2022-34205 Vulnerability in maven package org.jenkins-ci.plugins:jianliao
CVE-2021-30179 Vulnerability in maven package org.apache.dubbo:dubbo
CVE-2021-43980 Vulnerability in maven package org.apache.tomcat:tomcat
CVE-2021-21695 Vulnerability in maven package org.jenkins-ci.main:jenkins-core