CVE-2020-13942 unauthenticated RCE POC through MVEL and OGNL injection
CVE-2020-13942 CVE-2020-13942 POC by Eugene Rojavski Original blog post about the vulnerability: wwwcheckmarxcom/blog/apache-unomi-cve-2020-13942-rce-vulnerabilities-discovered/ There are two RCE vectors: through MVEL injection and through OGNL injection Both vectors target different code though the payloads look relatively similar The previous CVE fix nvdn