2024-05-14 08:09:39
CERTVDE
PUBLISHED
A low privileged remote attacker can use a command injection vulnerability in the API which performs remote code execution as the user-app user due to improper input validation. The confidentiality is partly affected.