Title: CVE-2021-28398 | GeoNetwork up to 3.11.x/4.0.3 LocalFilesystemHarvester.java runBeforeScript os command injection (GHSA-cf8p-c88c-h9jf)
Description: A vulnerability, which was classified as critical, has been found in GeoNetwork up to 3.11.x/4.0.3. Affected by this issue is the function runBeforeScript of the file harvesters/src/main/java/org/fao/geonet/kernel/harvest/harvester/localfilesyste m/LocalFilesystemHarvester.java. The manipulation leads to os command injection.
Link:
https://vuldb.com/?id.207884
Tue, 06 Sep 2022 09:57:44 +0200
--- The information is for informational purposes only.
* Origin: Read us with
http://winpoint.org/ (2:467/888.88)