An issue exists in OFCMS prior to 1.1.3. A command execution vulnerability exists via a template file with '<#assign ex="freemarker.template.utility.Execute"?new()> ${ ex("' followed by the command.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ofcms project ofcms |