Here you will find first link I found about it.
I decided to find and read mentioned CVE.
Soft grabbed from sourceforge:
Surprisingly I found few more details about the bug in CVE. ;]
Great! ;] We're ready to check it now (by the way, there is also a poc-request
); go:
We're logged-in as an admin user. Session cookie's grabbed by Burp, so we can test this request:
Seems nice ;]
Should be enough to prepare a working poc ;)
Cheers
Brak komentarzy:
Prześlij komentarz