jumpycastle/xmlrpc.net-poc

Releases0

Proof of Concept (PoC) for CookComputing XML-RPC.NET XXE <2.5.0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-47514 ↗	Dec 18, 2022Sunday, 18 December 2022, 04:15	8.8 HIGH	—
An XML external entity (XXE) injection vulnerability in XML-RPC.NET before 2.5.0 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, as demonstrated by a pingback.aspx POST request.