Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Sitecore Rocks plugin before 2.1.149 for Sitecore allows an unauthenticated threat actor to inject malicious commands and code via the Sitecore Rocks Hard Rocks Service.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Sitecore Rocks插件命令注入漏洞
Vulnerability Description
Sitecore是丹麦Sitecore公司的一套在线营销内容管理系统(CMS)。该系统支持内容编辑、多种语言、多网站部署、数字资产管理等。Sitecore Rocks plugin是一套用于Sitecore的开发工具套件。 Sitecore Rocks插件2.1.149之前版本中存在安全漏洞。攻击者可借助Sitecore Rocks Hard Rocks Service利用该漏洞注入恶意的命令和代码。
CVSS Information
N/A
Vulnerability Type
N/A