Ballcat

ballcat

1 CVE • 1 product

Products (1)

Click to collapse

Toggle

Codegen

codegen

1 CVE

CVEs (1)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-24881 1Ballcat 1Codegen Nov 21, 2024 Apr 26, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Ballcat Codegen provides the function of online editing code to generate templates. In versions prior to 1.0.0.beta.2, attackers can implement remote code execution through malicious code injection of the template engine...Show more Ballcat Codegen provides the function of online editing code to generate templates. In versions prior to 1.0.0.beta.2, attackers can implement remote code execution through malicious code injection of the template engine. This happens because Velocity and freemarker templates are introduced but input verification is not done. The fault is rectified in version 1.0.0.beta.2.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2022-24881

1Ballcat

1Codegen

Nov 21, 2024

Apr 26, 2022

N/A· v4

9.8 CRITICAL· v3

7.5 HIGH· v2

Ballcat Codegen provides the function of online editing code to generate templates. In versions prior to 1.0.0.beta.2, attackers can implement remote code execution through malicious code injection of the template engine. This happens because Velocity and freemarker templates are introduced but input verification is not done. The fault is rectified in version 1.0.0.beta.2.Show less