Nuxeo Authentication Bypass Remote Code Execution

Description:

Nuxeo is vulnerable to Remote Code Execution without authentication using Server Side Template Injection

Recommendation:

We suggest you update Nuxeo to the latest version to eliminate this vulnerability.

Written by

Sooraj V Nair

Cyber Security Engineer