Description

In JFrog Artifactory before 6.18, it is not possible to restrict either system or repository imports by any admin user in the enterprise, which can lead to "undesirable results."

Remediation

References

CVE-2019-19937

Related Vulnerabilities

WordPress Plugin WPPizza Cross-Site Scripting (2.11.8.17)

Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-48706)

Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2020-10705)

Oracle Application Server CVE-2007-5523 Vulnerability (CVE-2007-5523)

WordPress Plugin VikBooking Hotel Booking Engine & PMS Cross-Site Scripting (1.5.8)

Severity

High

Classification

CVE-2019-19937 CWE-20 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities