admin/GobyVuls

mirror of https://github.com/gobysec/GobyVuls.git synced 2025-05-06 10:41:40 +00:00

History

gaopeng2 78f6cd1ef9 add vul demo

2021-05-18 14:14:09 +08:00

..

CVE-2020-9496.gif

add vul demo

2021-05-18 14:14:09 +08:00

README.md

add vul demo

2021-05-18 14:14:09 +08:00

README.md

CVE-2020-9496 Apache OFBiz Deserialization RCE

XML-RPC request are vulnerable to unsafe deserialization and Cross-Site Scripting issues in Apache OFBiz 17.12.03

Affected version: Apache OFBiz 17.12.03

FOFA query rule: header="Set-Cookie: OFBiz.Visitor"

Demo