Tag
high
advisory
XWiki Remote Code Execution via Unprotected Velocity Scripting API
2 rules 2 TTPs
XWiki is vulnerable to remote code execution due to an improperly protected scripting API, allowing users with script rights to bypass the Velocity scripting API sandbox and execute arbitrary code, leading to full instance compromise.
xwiki
rce
velocity
scripting
CVE-2026-33229
medium
advisory
Windows Script Execution from Archive File
2 rules 3 TTPs
This rule identifies attempts to execute JScript/VBScript files from an archive file, a common delivery method for malicious scripts on Windows systems.
M365 Defender +2
execution
windows
scripting
archive
medium
advisory
Execution of a Downloaded Windows Script
3 rules 7 TTPs
This rule identifies the creation and subsequent execution of a Windows script downloaded from the internet, a technique used by adversaries for initial access and execution on Windows systems.
Elastic Defend
execution
windows
scripting
threat-detection