CVE-2014-1216CVE-2014-1216

Affected configuration(s):

cpe:/a:fitnesse:fitnesse_wiki:20131110
cpe:/a:fitnesse:fitnesse_wiki:20140201

Date published: 2014-04-22T09:06:28.227-04:00

Date last modified: 2014-04-22T12:24:55.520-04:00

CVSS Score: 7.5

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://www.exploit-db.com/exploits/32568

Summary: FitNesse Wiki 20131110, 20140201, and earlier allows remote attackers to execute arbitrary commands by defining a COMMAND_PATTERN and TEST_RUNNER in the pageContent parameter when editing a page.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.