VulnerAlert



JAVA
TECHNOLOGY
05-06-2025 23:33

CVE-2025-5680 Vulnerabilidad documentada

5.3 MEDIUM
Tags
#java
#exploit
#critical
#form
#technology
#vulnerability
#affected
#remote
#execute
#critic
#attack
#affect
Descripción
A vulnerability classified as critical was found in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 2.5.0. Affected by this is the function executeScript of file /src/main/java/com/dstz/sys/rest/controller/SysScriptController.java component Groovy Script Handler. The manipulation argument script leads deserialization. attack can be launched remotely. exploit has been disclosed public and may used.
https://gitee.com/agile-bpm/agile-bpm-basic/issues/ICAPT5
https://vuldb.com/?ctiid.311167
https://vuldb.com/?id.311167
https://vuldb.com/?submit.585108
Referencia
Link externo
Ver detalles

Fuente
https://nvd.nist.gov/vuln/detail/CVE-2025-5680
Resultados similares
Coincidentes en almenos en 50% de los tags
05-06-2025 CVE-2025-5679
A vulnerability classified as critical has been found in Shenzhen Dashi Tongzhou Information Te...
Ver información
05-06-2025 CVE-2020-8929
A mis-handling of invalid unicode characters in the Java implementation of Tink versions prior ...
Ver información
Icons made by Freepik from www.flaticon.com
Este Proyecto fue cofinanciado por el Consejo Nacional de Ciencia y Tecnología (CONACYT) a través del PROINNOVA 2021/2023
Proyecto realizado por