CVE-2020-26118 – In SmartBear Collaborator Server through 13.1.13100, use of the Google Web Toolkit (GWT) A …

11 January 2021

Vuln ID: CVE-2020-26118

Published: 2021-01-11 15:15:12Z

Description: In SmartBear Collaborator Server through 13.1.13100, use of the Google Web Toolkit (GWT) API introduces a post-authentication Java deserialization vulnerability. The application accepts a serialized Java object directly from the user without properly sanitizing it. A malicious object can be submitted to the server via an authenticated attacker to execute commands on the underlying system.

Source: NVD.NIST.GOV

Date:

11 January 2021

Categorie(s):

NVD

Tag(s):

NVD

A crafty new Android notification power-up24 April 2024
Binarly releases Transparency Platform v2.0 to improve software supply chain security24 April 2024
ShotSpotter Keeps Listening for Gunfire After Contracts Expire24 April 2024
French security startup BforeAI raises $15M for US expansion and service enhancement24 April 2024
Microsoft uses its genAI leverage against China — prelude to a tech Cold War?24 April 2024