A vulnerability has been identified in COMOS (All versions < V10.4.1). The COMOS Web component of COMOS accepts arbitrary code as attachment to tasks. This could allow an attacker to inject malicious code that is executed when loading the attachment.

Go to Source of this post
Author Of this post:

By admin