1 results (0.001 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

The Sitecore Rocks plugin before 2.1.149 for Sitecore allows an unauthenticated threat actor to inject malicious commands and code via the Sitecore Rocks Hard Rocks Service. El complemento Sitecore Rocks anterior a versión 2.1.149 para Sitecore permite a un actor de amenazas no autorizado inyectar comandos y códigos maliciosos por medio del servicio Sitecore Rocks Hard Rocks. • https://github.com/Sitecore/Sitecore.Rocks/compare/be79dcc...bd9ba6a https://github.com/Sitecore/Sitecore.Rocks/releases/tag/2.1.149 https://kb.sitecore.net/articles/842902 • CWE-287: Improper Authentication •