VULNMAP - Security Vulnerabilities

CVE
2023-0040
View CVE 2023-0040

Public CVE-2023-0040 disclosure

OrangeScrum version 2.0.11 allows an authenticated external attacker to execute arbitrary commands on the server. This is possible because the application injects an attacker-controlled parameter into a system function.

Link not working? No problem! With VULNMAP you always have guaranteed access to security information thanks to reliable backups.

🕰️ View on Wayback Machine 🔍 Search on Google NVD Database CVE.ORG Database
Our backup links ensure that critical data remains always available, even in case of unavailability of original sites.