writeups.xyz / Vulnerabilities In Apache Batik Default Security Controls – SSRF And RCE Through Remote Class Loading

Submitter : c2a

Date: 31 October 2022

Bounty : undisclosed

Vulnerabilities :

• SSRF
• RCE

Programs :

• Apache Batik

Authors :

• Piotr Bazydło (@Chudypb)

Link :
https://www.zerodayinitiative.com/blog/2022/10/28/vulnerabilities-in-apache-batik-default-security-controls-ssrf-and-rce-through-remote-class-loading