Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2013-4212

CWE-94 — Code Injection4 documents4 sources

Severity

6.8MEDIUM

EPSS

87.0%

top 0.56%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Apache Roller

Timeline

PublishedDec 7

Latest updateMay 17

Description

Certain getText methods in the ActionSupport controller in Apache Roller before 5.0.2 allow remote attackers to execute arbitrary OGNL expressions via the first or second parameter, as demonstrated by the pageTitle parameter in the !getPageTitle sub-URL to roller-ui/login.rol, which uses a subclass of UIAction, aka "OGNL Injection."

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

▶NVDapache/roller5.0.1+3

Patches

Patch: rollerweblogger.org ↗Patch: rollerweblogger.org ↗

🔴Vulnerability Details

GHSA

GHSA-f4j4-8x73-vjx4: Certain getText methods in the ActionSupport controller in Apache Roller before 5↗2022-05-17

▶

CVEList

CVE-2013-4212: Certain getText methods in the ActionSupport controller in Apache Roller before 5↗2013-12-07

▶

💥Exploits & PoCs

Exploit-DB

Apache Roller - OGNL Injection (Metasploit)↗2013-11-27

▶