forked from p34709852/monkey
535 B
535 B
title | date | draft | tags | |||
---|---|---|---|---|---|---|
ElasticGroovy | 2020-07-14T08:41:40+03:00 | false |
|
CVE-2015-1427.
The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script.
Logic is based on Metasploit module.