Description
JFrog Artifactory before 7.36.1 and 6.23.41 is vulnerable to insecure deserialization of untrusted data. Because a user-provided serialized object is insufficiently validated, a specially crafted request sent by a low-privileged authenticated user can lead to DoS, privilege escalation and remote code execution.
Remediation
References
Related Vulnerabilities
MyBB Improper Access Control Vulnerability (CVE-2016-9415)
WordPress Plugin Customize Feeds for Twitter Cross-Site Request Forgery (1.8.8)
WordPress Plugin Admin Menu Tree Page View Multiple Vulnerabilities (2.6.9)
Joomla! Core 3.9.x Cross-Site Scripting (3.9.0 - 3.9.14)
WordPress Plugin BuddyPress 'page' Parameter SQL Injection (1.5.4)