Unauthenticated Remote Command Execution in Skyscreamer Open Source Nevado JMS v1.3.2

Unauthenticated Remote Command Execution in Skyscreamer Open Source Nevado JMS v1.3.2

CVE-2023-31826 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Skyscreamer Open Source Nevado JMS v1.3.2 does not perform security checks when receiving messages. This allows attackers to execute arbitrary commands via supplying crafted data.

Learn more about our Open Source Audit.