all InfoSec news
CVE-2023-35150: Arbitrary Code Injection in XWiki.org XWiki
Zero Day Initiative - Blog www.zerodayinitiative.com
In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, Simon Humbert and Lucas Miller of the Trend Micro Research Team detail a recently patched remote code execution vulnerability in the XWiki free wiki software platform. This bug was originally discovered by Michael Hamann with public Proof-of-Concept (PoC) code provided by Manuel Leduc. Successful exploitation of this vulnerability would allow an authenticated attacker to perform an arbitrary code injection on affected systems. The following is a portion of …
blog post bug code code execution code injection concept cve free injection michael micro miller org platform poc proof proof-of-concept public remote code remote code execution report research service software software platform team trend trend micro vulnerability vulnerability research wiki