Arbitrary Code Execution via Unsafe Usage of Pickle in Graphite Web
CVE-2013-5093 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object.
Learn more about our Web App Pen Testing.