Code Injection Vulnerability in Internal Text Extraction Reports

Code Injection Vulnerability in Internal Text Extraction Reports

CVE-2021-44231 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Internally used text extraction reports allow an attacker to inject code that can be executed by the application. An attacker could thereby control the behavior of the application.

Learn more about our Web Application Penetration Testing UK.