Nuxeo Authentication Bypass Remote Code Execution

By
Sooraj V Nair
Published on
20 Dec 2021
Vulnerability

Description:

Nuxeo is vulnerable to Remote Code Execution without authentication using Server Side Template Injection

Recommendation:

We suggest you update Nuxeo to the latest version to eliminate this vulnerability.

Written by
Sooraj V Nair
Sooraj V Nair
Cyber Security Engineer
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 14 days