Details

    • Type: Bug
    • Status: Closed
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: 5.3
    • Fix Version/s: 5.4, 6.0
    • Component/s: Admin UI
    • Labels:
      None

      Description

      Use the drop-down in the left menu to select a core. Use the “Watch Changes” feature under the “Plugins / Stats” option. When submitting the changes, XML is passed in the “stream.body” parameter and is vulnerable to XXE.

        Attachments

        1. SOLR-8307.patch
          1 kB
          Shawn Heisey
        2. SOLR-8307.patch
          8 kB
          Erik Hatcher

          Activity

            People

            • Assignee:
              ehatcher Erik Hatcher
              Reporter:
              adam.johnson Adam Johnson
            • Votes:
              1 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: