Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
eventapp: Use array to pass arguments #5
ISUCON 5 qualifier eventapp could allow OS command injection by sending crafted HTTP requests.
This application isn't expected to run continuously and public, we think this vulnerability's impact is low. But we strongly recommend you to upgrade the eventapp to latest.
This vulnerability is tracked at CVE-2015-5673.
This vulnerability is reported from Shoji Baba via IPA and JPCERT/CC.