SecureCodingDojo icon indicating copy to clipboard operation
SecureCodingDojo copied to clipboard

Published 20 hours ago verified publisher icon OWASP

A shortcut for Second Degree Black Belt - Using Components with Known Vulnerabilities & Insecure Deserialization

Open axqd opened this issue 1 year ago • 0 comments

Exploit XXE alone to view /usr/local/tomcat/logs/catalina.2023-10-05.log on host2:

argument:
-DSECRET3=/code/getCode.html#eyJhbGciOiJIUz...

axqd avatar Aug 02 '24 14:08 axqd