CVE-2020-9496
Description
XML-RPC request are vulnerable to unsafe deserialization and Cross-Site Scripting issues in Apache OFBiz 17.12.03
NVD
Severity: MEDIUM
CVE ID: CVE-2020-9496
CVSS Score: 6.1
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Proof Of Concept
Nuclei Templates for CVE-2020-9496
Refrence: Project Discovery GitHub
dwisiswant0
Refrence: GitHub
Vulnmachines
Refrence: GitHub
g33xter
Apache OFBiz unsafe deserialization of XMLRPC arguments
Refrence: GitHub
cyber-niz
CVE-2020-9496 manual exploit
Refrence: GitHub
yuaneuro
CVE-2020-9496和CVE-2021-26295利用dnslog批量验证漏洞poc及exp
Refrence: GitHub
ambalabanov
XML-RPC request are vulnerable to unsafe deserialization and Cross-Site Scripting issues in Apache OFBiz 17.12.03
Refrence: GitHub
s4dbrd
Refrence: GitHub
Ly0nt4r
ApacheOfBiz 17.12.01 - Unauthorized Remote Code Executión
Refrence: GitHub
birdlinux
ApacheOfBiz 17.12.01 Remote Code Execution
Refrence: GitHub