Description
AviatorScript through 5.2.7 allows code execution via an expression that is encoded with Byte Code Engineering Library (BCEL).
Remediation
References
https://github.com/killme2008/aviatorscript/issues/421
Related Vulnerabilities
CVE-2022-23496 Vulnerability in maven package nl.basjes.parse.useragent:yauaa-flink
CVE-2022-43670 Vulnerability in maven package org.apache.sling:org.apache.sling.cms
CVE-2021-3827 Vulnerability in maven package org.keycloak:keycloak-services
CVE-2019-20365 Vulnerability in maven package org.igniterealtime.openfire:xmppserver
CVE-2022-25894 Vulnerability in maven package com.bstek.uflo:uflo-core