A Proof of concept for CVE-2021-27850 affecting Apache Tapestry and leading to unauthencticated remote code execution.
CVE-2021-27850 Exploit Overview CVE-2021-27850 is a critical unauthenticated remote code execution vulnerability that was found in all recent versions of Apache Tapestry, by downloading the AppModuleclass file we can leak the HMAC Secret key used to sign all the serialized objects in apache Tapestry We encountered this CVE in a real life assessment and as far as I know there