Description
Multiple SQL injection vulnerabilities in the User Manager service in Apache Jetspeed before 2.3.1 allow remote attackers to execute arbitrary SQL commands via the (1) role or (2) user parameter to services/usermanager/users/.
Remediation
Upgrade to Apache Jetspeed 2.3.1 or later, the first release in which these SQL injection issues are fixed (the affected versions are those before 2.3.1, per the description above).
References
http://haxx.ml/post/140552592371/remote-code-execution-in-apache-jetspeed-230-and
http://packetstormsecurity.com/files/136489/Apache-Jetspeed-Arbitrary-File-Upload.html
http://www.rapid7.com/db/modules/exploit/multi/http/apache_jetspeed_file_upload
https://mail-archives.apache.org/mod_mbox/portals-jetspeed-user/201603.mbox/%3C046318A1-226E-453F-9394-B84F1A33E6A4%40bluesunrise.com%3E
https://portals.apache.org/jetspeed-2/security-reports.html#CVE-2016-0710
https://www.exploit-db.com/exploits/39643/