Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
个人开源 mldong DecisionModel.java ExpressionEngine code injection
Vulnerability Description
A vulnerability, which was classified as critical, has been found in 个人开源 mldong 1.0. This issue affects the function ExpressionEngine of the file com/mldong/modules/wf/engine/model/DecisionModel.java. The manipulation leads to code injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-251561 was assigned to this vulnerability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
对生成代码的控制不恰当(代码注入)
Vulnerability Title
mldong 代码注入漏洞
Vulnerability Description
mldong是mldong个人开发者的一个基于SpringBoot+Vue3快速开发平台、自研工作流引擎。 mldong 1.0版本存在代码注入漏洞,该漏洞源于文件com/mldong/modules/wf/engine/model/DecisionModel.java的ExpressionEngine函数会导致代码注入。
CVSS Information
N/A
Vulnerability Type
N/A