Vulnerability CVE-2023-24162
Published: 2023-01-31

Description:
Deserialization vulnerability in Dromara Hutool v5.8.11 allows attacker to execute arbitrary code via the XmlUtil.readObjectFromXml parameter.

 References:
https://github.com/dromara/hutool/issues/2855
https://gitee.com/dromara/hutool/issues/I6AEX2
Copyright 2024, cxsecurity.com

 

Back to Top