Description
In SCIMono before 0.0.19, it is possible for an attacker to inject and execute java expression compromising the availability and integrity of the system.
Remediation
References
https://github.com/SAP/scimono/security/advisories/GHSA-29q4-gxjq-rx5c
Related Vulnerabilities
CVE-2012-5887 Vulnerability in maven package tomcat:catalina
CVE-2023-30532 Vulnerability in maven package org.jenkinsci.plugins.spoonscript:spoonscript
CVE-2021-23648 Vulnerability in npm package @braintree/sanitize-url
CVE-2020-28480 Vulnerability in maven package org.webjars.npm:jointjs
CVE-2016-10570 Vulnerability in npm package pngcrush-installer