CVE-2019-9614

An issue was discovered in OFCMS before 1.1.3. A command execution vulnerability exists via a template file with '<#assign ex="freemarker.template.utility.Execute"?new()> ${ ex("' followed by the command. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt