PT-2023-10241 · Unknown · Galaxy-Data-Resource
Published
2023-01-17
·
Updated
2024-05-17
·
CVE-2015-10062
CVSS v2.0
5.2
Medium
| Vector | AV:A/AC:L/Au:S/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
galaxy-data-resource versions up to 14.10.0
Description
A problematic issue was found in the Command Line Template component of galaxy-data-resource, leading to injection through manipulation of an unknown part. Upgrading to version 14.10.1 addresses this issue.
Recommendations
For galaxy-data-resource versions up to 14.10.0, upgrade to version 14.10.1 to resolve the issue. As a temporary workaround, consider restricting access to the Command Line Template component until the upgrade is applied.
Fix
Special Elements Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Galaxy-Data-Resource