CISA Flags Adobe AEM Flaw with Perfect 10.0 Score — Already Under Active Attack

CISA Flags Adobe AEM Flaw with Perfect 10.0 Score — Already Under Active Attack (thehackernews.com)
from kid@sh.itjust.works to cybersecurity@sh.itjust.works on 16 Oct 14:22
https://sh.itjust.works/post/48029287

#cybersecurity

threaded - newest

fubarx@lemmy.world on 16 Oct 14:55 next collapse

The flaw results from the dangerously exposed /adminui/debug servlet, which evaluates user-supplied OGNL expressions as Java code without requiring authentication or input validation."

WTF? 😳

redsand@lemmy.dbzer0.com on 16 Oct 21:22 collapse

Under active attack and people are advised to patch by Nov 5 😂