In the web ui of the openbuildservice prior to 2.3.0 a code injection of the project rebuildtimes statistics could be used by authorized malicious users to execute shellcode.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
opensuse open build service |