New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CVE-2022-44262 #624
Comments
|
Hello, thanks for the fix. |
|
hi @clun, just checking when the release will be made? |
|
It's great that the problem is solved. |
|
@clun According to the CVSS score of 9.8, it would be pls very welcome if it will be released soon. May I ask you pls for help to focus on the release? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
ff4j can be use to call any constructors in the project or jvm.
it would raise an error after constructor call and give an error in response.
proof of concept
run an envirement
send the request and trigger ssrf
the url(http://example/index.html) will receive a request from the server.
The text was updated successfully, but these errors were encountered: