Description
The project import functionality in SoapUI 5.3.0 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL project file.
Remediation
References
http://packetstormsecurity.com/files/146339/SoapUI-5.3.0-Code-Execution.html
Related Vulnerabilities
CVE-2023-46652 Vulnerability in maven package org.jenkins-ci.plugins:lambdatest-automation
CVE-2018-3738 Vulnerability in npm package protobufjs
CVE-2020-15138 Vulnerability in maven package org.webjars:prismjs
CVE-2018-5673 Vulnerability in maven package org.apache.geronimo.plugins:dojo
CVE-2012-3451 Vulnerability in maven package org.apache.cxf:cxf-bundle