Back to directory

WRITEUP #1078

Jasper Reports Library Code Injection

RCESSTIInsecure deserializationSecurity code review

byDennis Heinze

Program

Jasper Reports

Published

Jun 13, 2023

Added to HackDex

Jun 25, 2023

Read Full Writeuphttps://insinuator.net/2023/06/jasper-reports-library-code-injection/

▸ RELATED WRITEUPS

Getting code execution on Veeam through CVE-2023-27532

RCEInsecure deserialization

WPML Multilingual CMS Authenticated Contributor+ Remote Code Execution (RCE) via Twig Server-Side Template Injection (SSTI)

Chaining Three Bugs to Access All Your ServiceNow Data

Attacking PowerShell CLIXML Deserialization

DeserializationInsecure deserialization

Spip Preauth RCE 2024: Part 2, A Big Upload

Built with ❤️ by Shubham Rawat