CVE-2021-41790

An issue was discovered in Hyland org.alfresco:alfresco-content-services through 7.0.1.2. Script Action execution allows executing scripts uploaded outside of the Data Dictionary. This could allow a logged-in attacker to execute arbitrary code inside a sandboxed environment.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:alfresco:alfresco_content_services:7.0.0.2:*:*:*:enterprise:*:*:*
cpe:2.3:a:alfresco:alfresco_content_services:7.0.0.1:*:*:*:enterprise:*:*:*
cpe:2.3:a:alfresco:alfresco_content_services:7.0:*:*:*:enterprise:*:*:*
cpe:2.3:a:alfresco:alfresco_content_services:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:alfresco:alfresco_content_services:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:alfresco:alfresco_content_services:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:alfresco:alfresco_content_services:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:alfresco:alfresco_content_services:*:*:*:*:enterprise:*:*:*

Information

Published : 2021-10-21 02:15

Updated : 2022-07-12 10:42


NVD link : CVE-2021-41790

Mitre link : CVE-2021-41790


JSON object : View

Advertisement

dedicated server usa

Products Affected

alfresco

  • alfresco_content_services