Vulnerabilities (CVE)

Filtered by vendor Oscore Subscribe
Filtered by product Oscore
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-39022 1 Oscore 1 Oscore 2024-11-21 N/A 9.8 CRITICAL
oscore v2.2.6 and below was discovered to contain a code injection vulnerability in the component com.opensymphony.util.EJBUtils.createStateless. This vulnerability is exploited via passing an unchecked argument.