syncope-client-console is vulnerable to server-side template injection. Apache Syncope builds the error messages of its custom Java Bean Validation constraint validators from message templates that support Java EL expressions (`${...}`), and user-controlled data is placed into those templates when a constraint violation is reported. An attacker who submits a value containing an EL expression therefore gets it evaluated during message interpolation, leading to remote code execution.
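The pattern behind this class of bug, shown as an added example that is not Syncope's own code: a hypothetical `@SafeName` constraint whose validator reports the rejected value inside the violation message. The commented-out line is the injectable form (user data concatenated straight into the template); the active line escapes the value first with `escapeTemplate`, a helper written here that applies the Bean Validation escape rules for `{`, `}`, `$` and `\`. The `Bean` class and the `${1+1}` probe string are constructed for the demonstration.

```java
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;

import javax.validation.Constraint;
import javax.validation.ConstraintValidator;
import javax.validation.ConstraintValidatorContext;
import javax.validation.ConstraintViolation;
import javax.validation.Payload;
import javax.validation.Validation;
import javax.validation.Validator;

// Hypothetical constraint used only for this example.
@Target({ElementType.FIELD, ElementType.PARAMETER})
@Retention(RetentionPolicy.RUNTIME)
@Constraint(validatedBy = SafeNameValidator.class)
@interface SafeName {
    String message() default "invalid name";
    Class<?>[] groups() default {};
    Class<? extends Payload>[] payload() default {};
}

public final class SafeNameValidator implements ConstraintValidator<SafeName, String> {

    // Escape every character that a Bean Validation message template treats
    // specially, so that attacker-supplied text can never open an EL term.
    // Per the spec, {, }, $ and the backslash itself are escaped with a backslash.
    static String escapeTemplate(String raw) {
        if (raw == null) {
            return "";
        }
        StringBuilder sb = new StringBuilder(raw.length());
        for (char c : raw.toCharArray()) {
            switch (c) {
                case '\\': sb.append("\\\\"); break;
                case '{':  sb.append("\\{");  break;
                case '}':  sb.append("\\}");  break;
                case '$':  sb.append("\\$");  break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    @Override
    public boolean isValid(String name, ConstraintValidatorContext context) {
        if (name == null || name.matches("[A-Za-z0-9._-]{1,64}")) {
            return true;
        }
        context.disableDefaultConstraintViolation();

        // VULNERABLE: the rejected value becomes part of the template, and the
        // message interpolator evaluates any ${...} it finds as Java EL.
        // context.buildConstraintViolationWithTemplate("Invalid name: " + name)
        //        .addConstraintViolation();

        // HARDENED: neutralise template syntax before the value reaches the interpolator.
        context.buildConstraintViolationWithTemplate("Invalid name: " + escapeTemplate(name))
               .addConstraintViolation();
        return false;
    }

    // Constructed bean carrying the constrained field.
    static final class Bean {
        @SafeName
        final String name;

        Bean(String name) {
            this.name = name;
        }
    }

    public static void main(String[] args) {
        Validator validator = Validation.buildDefaultValidatorFactory().getValidator();
        // Constructed probe: a harmless EL term that only changes if it gets evaluated.
        String probe = "bad name ${1+1}";
        for (ConstraintViolation<Bean> v : validator.validate(new Bean(probe))) {
            System.out.println(v.getMessage());
        }
    }
}
```

Run it with Hibernate Validator and an EL implementation on the classpath. With the hardened line the printed message still contains the literal `${1+1}`; swapping in the commented-out line on a validator version that evaluates EL in custom violation templates makes the probe come back as `2`, which is the same evaluation path an attacker would drive with a Runtime-invoking expression. Escaping at the point where untrusted data enters the template is the fix that does not depend on interpolator configuration; newer Hibernate Validator releases additionally disable EL evaluation for custom violations by default, which is worth turning on as defence in depth where available.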
CPE name | Operator | Version
---|---|---
apache syncope client console | le | 2.1.5
apache syncope client console | le | 2.0.14

Operator `le` means the listed version and every earlier version of that branch are affected.