Advisories for Maven/Org.vivoweb/Vitro-Project package

2019

Improper Input Validation

SPARQL Injection in VIVO Vitro allows a remote attacker to execute arbitrary SPARQL via the uri parameter, leading to a regular expression denial of service (ReDoS), as demonstrated by crafted use of FILTER%20regex in a /individual?uri= request.