Critical severity9.8NVD Advisory· Published Feb 18, 2021· Updated Jun 17, 2026
CVE-2021-27335
CVE-2021-27335
Description
KollectApps before 4.8.16c is affected by insecure Java deserialization, leading to Remote Code Execution via a ysoserial.payloads.CommonsCollections parameter.
Affected products
2- KollectApps/KollectAppsdescription
- Range: <4.8.16c
Patches
Vulnerability mechanics
References
1- hacked0x90.net/index.php/2021/02/15/kollectapp-insecure-java-deserialization/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.