GHSA-64vw-hq5r-5qmjMediumCVSS 6.5
Oinone Pamirs 7.0.0 contains a code execution vulnerability via ScriptRunner. The method...
🔗 CVE IDs covered (1)
📋 Description
Oinone Pamirs 7.0.0 contains a code execution vulnerability via ScriptRunner. The method ScriptRunner.run(String expression, String type, Map<String, Object> context) evaluates attacker-controlled script expressions through the underlying script engine without sandboxing or allowlist restrictions.