FitNesse Wiki 20131110, 20140201, and previous versions allows remote malicious users to execute arbitrary commands by defining a COMMAND_PATTERN and TEST_RUNNER in the pageContent parameter when editing a page.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fitnesse fitnesse wiki |
||
fitnesse fitnesse wiki 20131110 |