Tag

Valtimo

1 brief RSS

Valtimo SpEL Injection Vulnerability Allows Remote Code Execution

Valtimo is vulnerable to SpEL injection via StandardEvaluationContext, which allows Remote Code Execution by admin users who can execute arbitrary OS commands and exfiltrate sensitive information.

Valtimo document module +2 spel-injection rce valtimo

2r 1t 1h ago