Kafka UI Unauthenticated Remote Command Execution via the Groovy Filter option.

A command injection vulnerability exists in Kafka ui between v0.4.0 and v0.7.1 allowing an attacker to inject and execute arbitrary shell commands via the groovy filter parameter at the topic…Read More