FusionAuth Remote Code Execution Vulnerability(CVE-2020-7799)

Overview A Remote Code Execution (RCE) vulnerability had discovered in FusionAuth. An authencated attacker can execute commands on system using the Apache FreeMarker Expression language. What is FusionAuth? FusionAuth is an identity access management application. It provides features like registration, login, SSO, MFA, password hashing, password constraints, password reset, email templates, OAuth, OpenID Connect and others. All … Continue reading “FusionAuth Remote Code Execution Vulnerability(CVE-2020-7799)”