Tozkhurmato Overview : |
The EntityTokenSerializer class in Composite.dll is prone to unvalidated deserialization of wrapped BinaryFormatter payloads, leading to arbitrary remote code execution for any low-privilege user. |
http://theglutengal.com/author/susie Affected Product(s) : |
|
Vulnerability Details : |
||||
Solution : Latest Update will fix the issue. |