CVE-2021-23259

Authenticated users with Administrator or Developer roles may execute OS commands by Groovy Script which uses Groovy lib to render a webpage. The groovy script does not have security restrictions, which will cause attackers to execute arbitrary commands remotely(RCE). > MITRE Terms of Use apply – see LICENSE‑MITRE.txt