Jedox version 2022.4.2 has a vulnerability in /be/rpc.php and /be/erpc.php that allows remote authenticated users to load arbitrary PHP classes from the rtn directory and to execute its methods.
ccf211f35f6efc1e74056a425e818939d4b997eb3c43d2de782f50e9ba9d5712