Groovy scripts and formulas can escape sandbox

From Freeplane - free mind mapping and knowledge management software
Revision as of 09:10, 23 April 2017 by Dimitry (talk | contribs) (Created page with "Reported on 2017/02/19 Fix released on 2017/04/15 Reported by Adrián Bravo Navarro, https://www.linkedin.com/in/adrianbn ==Description of Vulnerability== Scripts and formula...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Reported on 2017/02/19 Fix released on 2017/04/15 Reported by Adrián Bravo Navarro, https://www.linkedin.com/in/adrianbn

Description of Vulnerability

Scripts and formulas can escape security sandbox and take full control over computer calling private methods of security relevant classes from java.lang .