OpenMetaData - SpEL Injection in PUT /api/v1/policies CVE-2024-28253
- Severity
- EPSS Score
- EPSS Percentile
- Vulnerability description
- Not available
- Risk description
- Not available
- Recommendation
- Not available
- References
- https://securitylab.github.com/advisories/GHSL-2023-235_GHSL-2023-237_Open_Metadata/https://github.com/open-metadata/OpenMetadata/security/advisories/GHSA-7vf4-x5m2-r6grhttps://nvd.nist.gov/vuln/detail/VE-2024-28253https://codeql.github.com/codeql-query-help/java/java-spel-expression-injectionhttps://github.com/open-metadata/OpenMetadata/blob/b6b337e09a05101506a5faba4b45d370cc3c9fc8/openmetadata-service/src/main/java/org/openmetadata/service/jdbi3/EntityRepository.java#L693
- Codename
- Not available
- Detectable with
- Network Scanner
- Scan engine
- Nuclei
- Cisa Kev
- No
- Exploitable with Sniper
- No
- CVE Published
- Not available
- Detection added at
- Software Type
- Not available
- Vendor
- Not available
- Product
- Not available
Detect this vulnerability now!
Check your clients' targets (or your own) for this vulnerability and thousands more! Get proof for validation with our ethical hacking toolkit.