An issue was discovered in Hyland org.alfresco:alfresco-content-services through 7.0.1.2. Script Action execution allows executing scripts uploaded outside of the Data Dictionary. This could allow a logged-in attacker to execute arbitrary code inside a sandboxed environment.
References
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2021-10-21T08:49:01

Updated: 2021-10-21T08:49:01

Reserved: 2021-09-29T00:00:00


Link: CVE-2021-41790

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2021-10-21T09:15:08.790

Modified: 2022-07-12T17:42:04.277


Link: CVE-2021-41790

JSON object: View

cve-icon Redhat Information

No data.