Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A sandbox escape vulnerability exists in dotCMS’s Velocity scripting engine (VTools) that allows authenticated users with scripting privileges to bypass class and package restrictions enforced by SecureUberspectorImpl. By dynamically modifying the Velocity engine’s runtime configuration and reinitializing its Uberspect, a malicious actor can remove the introspector.restrict.classes and introspector.restrict.packages protections. Once these restrictions are cleared, the attacker can access arbitrary Java classes, including java.lang.Runtime, and execute arbitrary system commands under the privileges of the application process (e.g. dotCMS or Tomcat user).
CVSS Information
N/A
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
DotCMS 安全漏洞
Vulnerability Description
DotCMS是DotCMS公司的一个用 Java 编写的开源内容管理系统。用于管理内容和内容驱动的站点和应用程序。 DotCMS存在安全漏洞,该漏洞源于Velocity脚本引擎存在沙箱逃逸,可能导致具有脚本权限的经过身份验证用户绕过SecureUberspectorImpl强制实施的类和包限制,访问任意Java类并执行任意系统命令。
CVSS Information
N/A
Vulnerability Type
N/A