Description
apiconnect-cli-plugins through 6.0.1 is vulnerable to Command Injection.It allows execution of arbitrary commands via the pluginUri argument.
Remediation
References
https://openbase.io/js/apiconnect-cli-plugins
https://snyk.io/vuln/SNYK-JS-APICONNECTCLIPLUGINS-564427
Related Vulnerabilities
CVE-2019-16541 Vulnerability in maven package org.jenkins-ci.plugins:jira
CVE-2016-2141 Vulnerability in maven package org.jgroups:jgroups
CVE-2020-7656 Vulnerability in maven package org.fujion.webjars:jquery
CVE-2018-1229 Vulnerability in maven package org.springframework.batch:spring-batch-admin
CVE-2021-41183 Vulnerability in maven package org.webjars:jquery-ui