jena-arq is vulnerable to Arbitrary Code Execution. The vulnerability exists due to the insufficient validation of user scripting queries in the library, which allows an attacker to inject and execute malicious JavaScript via a SPARQL query when invoking custom scripts.
CPE | Name | Operator | Version |
---|---|---|---|
apache jena - arq | le | 4.7.0 | |
apache jena - arq | le | 4.7.0 |