CVE-2019-12440

Published May 29th, 2019

View on NVD ↗

CVSS v3

N/A

CVSS v2

7.5

HIGH

Affected

PROJECT

Description

The Sitecore Rocks plugin before 2.1.149 for Sitecore allows an unauthenticated threat actor to inject malicious commands and code via the Sitecore Rocks Hard Rocks Service.

Sitecore/Sitecore.Rocks

Sitecore Rocks is a plugin for Visual Studio for Sitecore developers.

GitHub