CVE-2022-41711

Name of the Vulnerable Software and Affected Versions Badaso version 2.6.0

Description The issue allows an unauthenticated remote attacker to execute arbitrary code remotely on the server. This is possible because the application does not properly validate the data uploaded by users.

Recommendations For Badaso version 2.6.0, update to a version that properly validates user-uploaded data to prevent arbitrary code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.