Pentaho API Auth bypass (CVE-2021-31602)
Description
Invicti determined that it was possible to access Pentaho API without authentication with a specially crafted HTTP request.
Remediation
Upgrade to the latest version of Pentaho
Looking for the vulnerability index of Invicti's legacy products?