VYPR

Alfresco Share

by Hyland

CVEs (1)

  • CVE-2023-49964HigDec 11, 2023
    risk 0.60cvss 8.8epss 0.35

    An issue was discovered in Hyland Alfresco Community Edition through 7.2.0. By inserting malicious content in the folder.get.html.ftl file, an attacker may perform SSTI (Server-Side Template Injection) attacks, which can leverage FreeMarker exposed objects to bypass restrictions…