CVE-2020-21125
Published
CVSS v3
9.8
CRITICAL
CVSS v2
7.5
HIGH
Affected
1
PROJECT
Description
An arbitrary file creation vulnerability in UReport 2.2.9 allows attackers to execute arbitrary code.
UReport2 is a high-performance pure Java report engine based on Spring architecture, where complex Chinese-style statements and reports can be prepared by iterating over cells.
GitHub