Description
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).
Remediation
References
Related Vulnerabilities
WordPress Plugin DosCero.Menu Cross-Site Scripting (1.0)
WordPress Plugin Email Verification for WooCommerce Unspecified Vulnerability (1.8.1)
WordPress CVE-2023-5561 Vulnerability (CVE-2023-5561)
WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.10)
JQuery UI Cross-site Scripting (XSS) Vulnerability (CVE-2016-7103)