CVE-2023-31826

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in maven/org.skyscreamer/nevado-jms

Identifiers

CVE-2023-31826, GHSA-7gm3-mwjw-j53w

Package Slug

maven/org.skyscreamer/nevado-jms

Vulnerability

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Description

Skyscreamer Open Source Nevado JMS v1.3.2 does not perform security checks when receiving messages. This allows attackers to execute arbitrary commands via supplying crafted data.

Affected Versions

Version 1.3.2

Solution

Unfortunately, there is no solution available yet.

Last Modified

2023-05-24

source