CVE-2023-32200

HIGH Year: 2023
CVSS v3 Score
8.8
High
Weakness Type
CWE-917
View all →

Vulnerability Description

There is insufficient restrictions of called script functions in Apache Jena versions 4.8.0 and earlier. It allows a remote user to execute javascript via a SPARQL query. This issue affects Apache Jena: from 3.7.0 through 4.8.0.

Related Vulnerabilities

CVE-2010-1871

HIGH
CVSS:8.8(High)

JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows rem...

CWE-9172010

CVE-2019-11942

HIGH
CVSS:8.8(High)

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

CWE-9172019

CVE-2019-11943

HIGH
CVSS:8.8(High)

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

CWE-9172019

CVE-2019-11948

HIGH
CVSS:8.8(High)

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

CWE-9172019

CVE-2019-11951

HIGH
CVSS:8.8(High)

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

CWE-9172019

CVE-2019-11952

HIGH
CVSS:8.8(High)

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

CWE-9172019