Time-Consuming Remediation: Assessing the Impact of Text4Shell

Security researcher Alvaro Muñoz recently warned of a critical vulnerability in versions 1.5 through 1.9 of Apache Commons Text. The flaw, dubbed “Text4Shell” and identified as CVE-2022-42889, can enable remote code execution via the StringSubstitutor API. In response, version 1.10 was released, which disables script interpolation by default. While the flaw carries a very high […]

The post Time-Consuming Remediation: Assessing the Impact of Text4Shell appeared first on eSecurityPlanet.
