ReportizFlow
Filtered by vendor Fitnesse
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-28125 | 1 Fitnesse | 1 Fitnesse | 2024-11-21 | 9.8 Critical |
| FitNesse all releases allows a remote authenticated attacker to execute arbitrary OS commands. Note: A contributor of FitNesse has claimed that this is not a vulnerability but a product specification and this is currently under further investigation. | ||||
| CVE-2014-1216 | 1 Fitnesse | 1 Fitnesse Wiki | 2024-11-21 | N/A |
| FitNesse Wiki 20131110, 20140201, and earlier allows remote attackers to execute arbitrary commands by defining a COMMAND_PATTERN and TEST_RUNNER in the pageContent parameter when editing a page. | ||||
| CVE-2024-42499 | 1 Fitnesse | 1 Fitnesse | 2024-11-18 | 5.3 Medium |
| Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in FitNesse releases prior to 20241026. If this vulnerability is exploited, an attacker may be able to know whether a file exists at a specific path, and/or obtain some part of the file contents under specific conditions. | ||||
Page 1 of 1.