CVE-2024-0738

Name of the Vulnerable Software and Affected Versions mldong version 1.0

Description A critical issue has been found in mldong, affecting the ExpressionEngine function of the file com/mldong/modules/wf/engine/model/DecisionModel.java. This issue leads to code injection and can be initiated remotely. The exploit has been disclosed to the public.

Recommendations For version 1.0, consider disabling the ExpressionEngine function until a patch is available to prevent code injection attacks. Restrict access to the com/mldong/modules/wf/engine/model/DecisionModel.java file to minimize the risk of exploitation. Avoid using the DecisionModel.java file in remote operations until the issue is resolved.