Nuxeo vulnerable to Reflected Cross-Site Scripting leading to Remote Code Execution
Discription
The Nuxeo Platform is an open source content management platform for building business applications. In version 11.5.109, the `oauth2` REST API is vulnerable to Reflected Cross-Site Scripting (XSS). This XSS can be escalated to Remote Code Execution (RCE) by levering the automation API.Read More
References
Back to Main