2022-10-26 15:15:45
certcc
PUBLISHED
A Remote Code Injection vulnerability exists in CERT software prior to version 1.50.5. An authenticated attacker can inject arbitrary pickle object as part of a users profile. This can lead to code execution on the server when the users profile is accessed.