Description
JFrog Artifactory before 7.36.1 and 6.23.41 is vulnerable to insecure deserialization of untrusted data, which can lead to DoS, privilege escalation and remote code execution when a low-privileged authenticated user sends a specially crafted request. The cause is insufficient validation of a user-provided serialized object.
Remediation
References