We have an automated task that runs the OWASP plugin (Maven on Java stack) that automatically creates a JIRA issue if there is any issue found. So I pick up the JIRA ticket and look at the CVE. First things first, I __READ__ the actual CVE. Score: 7, OK, that is bad. Hacker can do ANYTHING by using the tmp file on THE ACTUAL MACHINE ...