There is insufficient restrictions of called script functions in Apache Jena
versions 4.8.0 and earlier. It allows a
remote user to execute javascript via a SPARQL query.
This issue affects Apache Jena: from 3.7.0 through 4.8.0.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: apache
Published: 2023-07-12T07:49:55.432Z
Updated: 2024-08-02T15:10:23.901Z
Reserved: 2023-05-04T12:49:34.610Z
Link: CVE-2023-32200
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-07-12T08:15:10.070
Modified: 2023-07-20T01:05:41.153
Link: CVE-2023-32200
Redhat
No data.