Multiple vulnerabilities that can result in RCE #1122
Hello,

CVE-2020-14044
First, admin’s SSRF and downloading webshell to the server:
PoC:
Possible mitigation:

CVE-2020-14042
Second, XSS when renaming folders:
PoC:
Possible mitigation:

CVE-2020-14043
Third, CSRF:
Possible mitigation:

Finally, our working webshell:

Feel free to contact us at ScaAppSec@checkmarx.com.





Hello,
Our research team at Checkmarx found multiple vulnerabilities in Codiad (XSS, CSRF, SSRF, RCE). We tried to contact the top three maintainers, and none of them are active. If there are any active developers on this project, feel free to contact us for more information.
ScaAppSec@checkmarx.com
Best regards,
Yaniv.