Skip to content

Intruders can get admin's access to the system

High
FlexSolution published GHSA-xrc8-fjp4-h4fv Sep 18, 2020

Package

No package listed

Affected versions

<1.2.0

Patched versions

1.2.0

Description

Impact

Reliance on untrusted inputs in a security decision. Intruders can get admin's access to the system using the vulnerability in the project. Impacted all servers where this add-on is installed

Patches

The problem is fixed in version 1.2.0

Workarounds

The only way to get rid of the vulnerability is to upgrade add-on to the latest version or remove it from your Alfresco.

For more information

If you have any questions or comments about this advisory:

Severity

High

CVE ID

CVE-2020-15181

Weaknesses

No CWEs