CVE-2020-0872

Name of the Vulnerable Software and Affected Versions Application Inspector versions v1.0.23 or earlier

Description A remote code execution issue exists due to the tool reflecting example code snippets from third-party source files into its HTML output. This can be exploited by a remote attacker to execute arbitrary code by running an application containing a malicious third-party component. The vulnerability is related to the lack of protection measures for the web page structure.

Recommendations For Application Inspector versions v1.0.23 or earlier, update to a version later than v1.0.23 to resolve the issue. As a temporary workaround, consider restricting the reflection of example code snippets from third-party source files into the HTML output until a patch is available.