Description

In JFrog Artifactory before 6.18, it is not possible to restrict either system or repository imports by any admin user in the enterprise, which can lead to "undesirable results."

Remediation

References

CVE-2019-19937

Related Vulnerabilities

ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3834)

MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4307)

WordPress Plugin WP Google Review Slider Cross-Site Scripting (11.5)

WordPress Plugin Awesome Support-WordPress HelpDesk & Support Multiple Vulnerabilities (4.3.1)

WordPress Plugin Appointment Hour Booking-WordPress Booking Cross-Site Scripting (1.1.44)

Severity

High

Classification

CVE-2019-19937 CWE-20 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities