org.fitnesse:fitnesse@20220815 vulnerabilities

  • latest version

    20240219

  • first published

    17 years ago

  • latest version published

    a month ago

  • licenses detected

  • package manager

Direct Vulnerabilities

Known vulnerabilities in the org.fitnesse:fitnesse package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Command Injection

org.fitnesse:fitnesse is a web server, a wiki and an automated testing tool for software.

Affected versions of this package are vulnerable to Command Injection. An authenticated attacker can execute arbitrary OS commands by sending crafted requests.

Note: It is recommended to use FitNesse Safely as decribed in the Security Policy .

How to fix Command Injection?

There is no fixed version for org.fitnesse:fitnesse.

[0,)
  • M
Improper Restriction of XML External Entity Reference

org.fitnesse:fitnesse is a web server, a wiki and an automated testing tool for software.

Affected versions of this package are vulnerable to Improper Restriction of XML External Entity Reference allowing an attacker to obtain sensitive information, alter data or cause a denial-of-service condition.

How to fix Improper Restriction of XML External Entity Reference?

There is no fixed version for org.fitnesse:fitnesse.

[0,)
  • M
Cross-site Scripting (XSS)

org.fitnesse:fitnesse is a web server, a wiki and an automated testing tool for software.

Affected versions of this package are vulnerable to Cross-site Scripting (XSS). This may allow a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is using the product and accessing a link with specially crafted multiple parameters.

Note: It is recommended to use FitNesse Safely as decribed in the Security Policy .

How to fix Cross-site Scripting (XSS)?

There is no fixed version for org.fitnesse:fitnesse.

[0,)