Difference between revisions of "Groovy scripts and formulas can escape sandbox"

From Freeplane - free mind mapping and knowledge management software
(Created page with "Reported on 2017/02/19 Fix released on 2017/04/15 Reported by Adrián Bravo Navarro, https://www.linkedin.com/in/adrianbn ==Description of Vulnerability== Scripts and formula...")
 
Line 1: Line 1:
 
Reported on 2017/02/19
 
Reported on 2017/02/19
 +
 
Fix released on 2017/04/15
 
Fix released on 2017/04/15
 +
 
Reported by Adrián Bravo Navarro, https://www.linkedin.com/in/adrianbn
 
Reported by Adrián Bravo Navarro, https://www.linkedin.com/in/adrianbn
  

Revision as of 09:11, 23 April 2017

Reported on 2017/02/19

Fix released on 2017/04/15

Reported by Adrián Bravo Navarro, https://www.linkedin.com/in/adrianbn

Description of Vulnerability

Scripts and formulas can escape security sandbox and take full control over computer calling private methods of security relevant classes from java.lang .