Security Advisory

CVE-2020-7389

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-07-22 18:27:15

Last updated 2024-09-16 16:53:13

Assigner rapid7

State PUBLISHED

Description

Sage X3 System CHAINE Variable Script Command Injection. An authenticated user with developer access can pass OS commands via this variable used by the web application. Note, this developer configuration should not be deployed in production.

← Browse all CVEs View on cve.org ↗