CVE-2021-34427

Publication date

2021-06-25 00:00:00

Family

eclipse

State

PUBLISHED

Description

In Eclipse BIRT versions 4.8.0 and earlier, an attacker can use query parameters to create a JSP file which is accessible from remote (current BIRT viewer dir) to inject JSP code into the running instance.