daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

add author name

patch-6
Dhiyaneshwaran 2024-07-16 17:46:41 +05:30 committed by GitHub
parent 4651d77e9c
commit 2db502e313
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
http/cves/2024/CVE-2024-36401.yaml
View File

@ -2,7 +2,7 @@ id: CVE-2024-36401
info:
name: GeoServer RCE in Evaluating Property Name Expressions
author: DhiyaneshDk
author: DhiyaneshDk,ryanborum
severity: critical
description: |
In the GeoServer version prior to 2.25.1, 2.24.3 and 2.23.5 of GeoServer, multiple OGC request parameters allow Remote Code Execution (RCE) by unauthenticated users through specially crafted input against a default GeoServer installation due to unsafely evaluating property names as XPath expressions.