Apache Solr XXE

Posted on 29 November 2013

Hi All Apache Solr 4.3.1, 4.4, 5.0 resolves multiple XXE flaws, as described in the following bugs: https://issues.apache.org/jira/browse/SOLR-3895 https://issues.apache.org/jira/browse/SOLR-4881 I have confirmed that these issues can also be exploited on Apache Solr 3.6.2. Please assign a CVE ID for these XXE flaws (I think a single CVE ID is most appropriate). Thanks -- David Jorm / Red Hat Security Response Team

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Exploits :

Customer Support System 1.0 Cross Site Scripting
Xhibiter NFT Marketplace 1.10.2 SQL Injection
WordPress WPCode Lite 2.1.14 Cross Site Scripting
Azon Dominator Affiliate Marketing Script SQL Injection
Simple Laboratory Management System 1.0 SQL Injection

Last 20