CVE-2024-0195 | spider-flow 0.4.3 FunctionController.java FunctionService.saveFunction code injection

Posted by Angelo Barbosa | Jan 2, 2024 | CVE

A vulnerability, which was classified as critical, was found in spider-flow 0.4.3. Affected is the function FunctionService.saveFunction of the file src/main/java/org/spiderflow/controller/FunctionController.java. The manipulation leads to code injection.

This vulnerability is traded as CVE-2024-0195. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-0195 | spider-flow 0.4.3 FunctionController.java FunctionService.saveFunction code injection

Related Posts

CVE-2024-8154 | SourceCodester QR Code Bookmark System 1.0 Parameter update-bookmark.php tbl_bookmark_id/name/url cross site scripting

CVE-2024-10923 | OpenText ALM Octane Management up to 24.4 cross site scripting

CVE-2024-10332 | Impronta Janto 4.3r11 main.php cross site scripting

CVE-2024-31078 | OpenHarmony up to 4.0.0 Service null pointer dereference