Apache Tomcat has published a vulnerability information for CVE-2021-25329.
(1) Does the above vulnerability apply to Spectrum 10.4.1 (Oneclick)?
CVE-2021-25329 : This can be exploited when a user gets access to a file on the server. Later he can execute the file with scripts/malware on it. This can be a concern.
Release : 10.4.1
Component : Spectrum Core / SpectroSERVER
(1) Does the above vulnerability apply to Spectrum 10.4.1 (Oneclick)?
Ans) Yes.
Note : Spectrum will upgrade to 9.0.43 tomcat in the next release where this issue will be fixed.