Description
Code injection vulnerability in blamer 1.0.0 and earlier may result in remote code execution when the input can be controlled by an attacker.
Remediation
References
https://hackerone.com/reports/772448
Related Vulnerabilities
CVE-2017-12629 Vulnerability in maven package org.apache.lucene:lucene-queryparser
CVE-2023-29522 Vulnerability in maven package org.xwiki.platform:xwiki-platform-xclass-ui
CVE-2023-33201 Vulnerability in maven package org.bouncycastle:bcprov-debug-jdk14
CVE-2022-39381 Vulnerability in npm package hummus
CVE-2023-40572 Vulnerability in maven package org.xwiki.platform:xwiki-platform-oldcore