Back to directory
WRITEUP #1895

Contrast discovers zero-day flaw in popular Quarkus Java framework

CSRFDrive-by attackRCE
byJoseph Beeton
Program
Quarkus
Published
Nov 23, 2022
Added to HackDex
Dec 12, 2022
Read Full Writeuphttps://www.contrastsecurity.com/security-influencers/localhost-attack-against-quarkus-developers-contrast-security
RELATED WRITEUPS
Vulnerabilities in Homepage Dashboard
RCESSRF
SSD Advisory – XenForo RCE Via CSRF
RCECSRF
Vulnerabilities in Open Source C2 Frameworks
RCEOS command injection
[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package
RCEDependency confusion
Attacking PowerShell CLIXML Deserialization
DeserializationInsecure deserialization

Built with ❤️ by Shubham Rawat