Severity: important Description:
There is insufficient checking of user queries in Apache Jena versions 4.7.0 and earlier, when invoking custom scripts. It allows a remote user to execute arbitrary javascript via a SPARQL query. Credit: L3yx of Syclover Security Team (reporter) References: https://jena.apache.org/ https://www.cve.org/CVERecord?id=CVE-2023-22665
