Certain Stimulsoft GmbH products are affected by: Remote Code Execution. This affects Stimulsoft Designer (Desktop) 2023.1.4 and Stimulsoft Designer (Web) 2023.1.3 and Stimulsoft Viewer (Web) 2023.1.3. Access to the local file system is not prohibited in any way. Therefore, an attacker may include source code which reads or writes local directories and files. It is also possible for the attacker to prepare a report which has a variable that holds the gathered data and render it in the report.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2023-03-27T00:00:00
Updated: 2024-08-02T11:18:36.259Z
Reserved: 2023-02-06T00:00:00
Link: CVE-2023-25261
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-03-27T21:15:11.053
Modified: 2024-11-21T07:49:21.750
Link: CVE-2023-25261
Redhat
No data.