CVE-2021-21347
maven/com.thoughtworks.xstream/xstream
Unrestricted Upload of File with Dangerous Type
XStream is a Java library to serialize objects to XML and back again. In XStream, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream.
All versions before 1.4.16
Upgrade to version 1.4.16 or above.
2021-03-26
| source |