Security Advisory

CVE-2019-6503

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-01-22 14:00:00

Last updated 2024-09-16 23:01:28

Assigner mitre

State PUBLISHED

Description

There is a deserialization vulnerability in Chatopera cosin v3.10.0. An attacker can execute commands during server-side deserialization by uploading maliciously constructed files. This is related to the TemplateController.java impsave method and the MainUtils toObject method.

← Browse all CVEs View on cve.org ↗