First published: Fri Aug 02 2024(Updated: )
anji-plus AJ-Report is affected by an authentication bypass vulnerability. A remote and unauthenticated attacker can append ";swagger-ui" to HTTP requests to bypass authentication and execute arbitrary Java on the victim server.
Credit: disclosure@vulncheck.com
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.