Full title: Pentaho BA Server EE 9.3.0.0-428 Server-Side Template Injection / Remote Code Execution 
Category: web applications
Platform: windows
Pentaho BA Server EE version 9.3.0.0-428 suffers from a remote code execution vulnerability via a server-side template injection flaw.

# 0day.today @ http://0day.today/