Homepage
About Snyk

org.fitnesse:fitnesse@20080702 vulnerabilities

The fully integrated standalone wiki, and acceptance testing framework.

  • latest version

    20221219

  • latest non vulnerable version

    20221219

  • first published

    16 years ago

  • latest version published

    2 months ago

  • licenses detected

  • package manager

    View on Maven Repository
Go back to all versions of this package
Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the org.fitnesse:fitnesse package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Arbitrary Command Execution

org.fitnesse:fitnesse is a web server, a wiki and an automated testing tool for software.

Affected versions of this package are vulnerable to Arbitrary Command Execution. FitNesse Wiki 20131110, 20140201, and earlier allows remote attackers to execute arbitrary commands by defining a COMMAND_PATTERN and TEST_RUNNER in the pageContent parameter when editing a page.

How to fix Arbitrary Command Execution?

Upgrade org.fitnesse:fitnesse to version 20140201 or higher.

[0,20140201)
Go back to all versions of this package