Source |
Dark Reading |
Identifiant |
8425051 |
Date de publication |
2023-12-18 22:41:00 (vue: 2023-12-18 23:08:21) |
Titre |
GWT Vuln, non corrigé, laisse les applications ouvertes au côté serveur RCE Years-Old, Unpatched GWT Vuln Leaves Apps Open to Server-Side RCE |
Texte |
Bien que le défaut de désérialisation Java non authentifié soit connu depuis 2015, les applications GWT restent vulnérables à l'exécution de code côté serveur malveillant, selon de nouvelles recherches.
Although the unauthenticated Java deserialization flaw has been known since 2015, GWT apps remain vulnerable to malicious server-side code execution, new research says. |
Envoyé |
Oui |
Condensat |
2015 although apps been code deserialization execution flaw gwt has java known leaves malicious new old open rce remain research says server side since unauthenticated unpatched vuln vulnerable years |
Tags |
|
Stories |
|
Notes |
★★
|
Move |
|