Template Injection Vulnerability in Hitachi Vantara Pentaho Business Analytics Server
CVE-2022-43769 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x allow certain web services to set property values which contain Spring templates that are interpreted downstream.
Learn more about our Web App Pen Testing.