CVE-2017-4971 PoC — Pivotal Spring Web Flow 安全漏洞

Source

https://github.com/cved-sources/cve-2017-4971

Associated Vulnerability

Title:Pivotal Spring Web Flow 安全漏洞 (CVE-2017-4971)
Description:Pivotal Spring Web Flow是美国Pivotal Software公司的一款Web应用程序，可提供登机手续办理、贷款申请或购物车结算等导航。 Pivotal Spring Web Flow 2.4.0版本至2.4.4版本中存在安全绕过漏洞。攻击者可利用该漏洞绕过安全限制，执行未授权的操作。

Description

cve-2017-4971

Readme

# CVE-2017-4971

This is part of Cved: *a tool to manage vulnerable docker containers.*

Cved: https://github.com/git-rep-src/cved

Image source: https://github.com/cved-sources/cve-2017-4971

Image author: https://github.com/Medicean/VulApps/tree/master/s/springwebflow/1

File Snapshot


 [4.0K]  /data/pocs/bb64888855c404cc10adb18f6f1aa1cec2b8c5ea
├── [4.0K]  build
│   └── [ 22M]  spring-web-flow-booking-mvc.war
├── [ 400]  Dockerfile
└── [ 273]  README.md

1 directory, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!