2020-02-19 13:20:41
mitre
PUBLISHED
The XStream extension in HP Fortify SCA before 2.2 RC3 allows remote attackers to execute arbitrary code via unsafe deserialization of XML messages.