Researchers have disclosed a security flaw affecting H2 database consoles that could result in remote code execution in a manner that echoes the Log4j “Log4Shell” vulnerability that came to light last month.
The issue, tracked as CVE-2021-42392, is the “first critical issue published since Log4Shell, on a component other than Log4j, that exploits the same root cause of the Log4Shell
Source: Google Hacker News
Log4Shell-like Critical RCE Flaw Discovered in H2 Database Console
