VYPR
High severity8.8NVD Advisory· Published Aug 30, 2021· Updated Jun 17, 2026

CVE-2021-39271

CVE-2021-39271

Description

OrbiTeam BSCW Classic before 7.4.3 allows authenticated remote code execution (RCE) during archive extraction via attacker-supplied Python code in the class attribute of a .bscw file. This is fixed in 5.0.12, 5.1.10, 5.2.4, 7.3.3, and 7.4.3.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • OrbiTeam/BSCW Classicdescription
  • Range: <7.4.3, 5.0.12, 5.1.10, 5.2.4, 7.3.3

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.