CVE-2017-9805

CVE-2017-9805 POC

The issue comes from a lack of filtering on the deserialization class used by the REST plugin. Struts uses Xstream with a lot of filtering for deserialization in multiple places, however this filtering was not in place for the REST plugin.

Name		Name	Last commit message	Last commit date
Latest commit History 3 Commits
CVE-2017-9805.py		CVE-2017-9805.py
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CVE-2017-9805.py

CVE-2017-9805.py

README.md

README.md

Repository files navigation

CVE-2017-9805

About

Releases

Packages

Languages

Shakun8/CVE-2017-9805

Folders and files

Latest commit

History

CVE-2017-9805.py

CVE-2017-9805.py

README.md

README.md

Repository files navigation

CVE-2017-9805

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages