Apache Syncope, has disclosed a critical security vulnerability that allows authenticated administrators to execute arbitrary code on affected systems. The flaw, tracked as CVE-2025-57738, impacts all Apache Syncope versions 3.x before 3.0.14 and 4.x before 4.0.2, exposing organisations to potential system compromise through malicious Groovy code injection.”‹ Vulnerability Details and Attack Mechanism The vulnerability exists […] The post Apache Syncope Groovy Flaw Allows Remote Code Injection appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/apache-syncope-groovy-flaw/
