{"uuid": "f5d69e0f-7321-4017-a3b2-bf5281d1b81b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41852", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/137803", "content": "{\n  \"Source\": \"https://t.me/documentors\",\n  \"Content\": \"CVE-2022-4185.zip 6.1 kB \ud83d\udca5Apache Commons JXPath RCE (CVE-2022-41852) People who use JXPath to interpret untrusted XPath expressions may be vulnerable to RCE attacks. All JXPathContext class functions that deal with XPath strings are vulnerable, except the compile() and compilePath() functions. An attacker can use an XPath expression to load any Java class from the classpath, resulting in code execution. To load remote configuration to achieve RCE we can use two class constructors in spring: org.springframework.context.support.ClassPathXmlApplicationContext org.springframework.context.support.FileSystemXmlApplicationContext \ud83d\udcbeAnother analysis + PoC\", \n  \"author\": \"\u2693\ufe0f\ud835\udd07\ud835\udd2c\ud835\udd20\ud835\udd32\ud835\udd2a\ud835\udd22\ud835\udd2b\ud835\udd31\ud835\udd2c\ud835\udd2f\",\n  \"Detection Date\": \"07 Nov 2022\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 Data Leak monitoring system\ud83d\udd39", "creation_timestamp": "2022-11-07T17:22:16.000000Z"}