cve/CVE-2024-36522.md at a8969e132322a214e7b78da5711159d6f891f0ab

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-06-19 17:30:12 +00:00

0xMarcio d6bcaa53f2 Update CVE sources 2024-07-25 21:25

2024-07-25 21:25:12 +00:00

Description

The default configuration of XSLTResourceStream.java is vulnerable to remote code execution via XSLT injection when processing input from an untrusted source without validation.Users are recommended to upgrade to versions 10.1.0, 9.18.0 or 8.16.0, which fix this issue.

POC

Reference

No PoCs from references.

Github

https://github.com/Threekiii/CVE
https://github.com/enomothem/PenTestNote

921 B Raw Blame History

CVE-2024-36522

Description

POC

Reference

Github

921 B

Raw Blame History