Vulnerability Details CVE-2020-27958
The Job Composer app in Ohio Supercomputer Center Open OnDemand before 1.7.19 and 1.8.x before 1.8.18 allows remote authenticated users to provide crafted input in a job template.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.3%
CVSS Severity
CVSS v3 Score 4.3
CVSS v2 Score 4.0
References
- https://discourse.osc.edu/t/security-fix-in-open-ondemand-1-8-18-and-1-7-19-patch-releases-now-available/1198
- https://github.com/OSC/Open-OnDemand/commits/master
- https://listsprd.osu.edu/pipermail/ood-users/
- https://discourse.osc.edu/t/security-fix-in-open-ondemand-1-8-18-and-1-7-19-patch-releases-now-available/1198
- https://github.com/OSC/Open-OnDemand/commits/master
- https://listsprd.osu.edu/pipermail/ood-users/
Products affected by CVE-2020-27958
-
cpe:2.3:a:osu:ohio_supercomputer_center_open_ondemand:*