mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
673 B
673 B
CVE-2018-13439
Description
WXPayUtil in WeChat Pay Java SDK allows XXE attacks involving a merchant notification URL.
POC
Reference
- https://packetstormsecurity.com/files/148390/WeChat-Pay-SDK-XXE-Injection.html
- https://packetstormsecurity.com/files/148390/WeChat-Pay-SDK-XXE-Injection.html
Github
No PoCs found on GitHub currently.