Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-32962 PoC — xml-crypto 安全漏洞

Source
https://github.com/absholi7ly/Poc-CVE-2024-32962-xml-crypto
Associated Vulnerability
Title:xml-crypto 安全漏洞 (CVE-2024-32962)
Description:NPM xml-crypto是NPM公司的一个数字签名和加密库。 xml-crypto 4.0.0 到 6.0.0版本存在安全漏洞,该漏洞源于默认配置不检查签名者的授权,允许攻击者绕过 XML 签名验证。
Readme
# Poc-CVE-2024-32962-xml-crypto
 
A simulation of an attack exploiting the CVE-2024-32962 vulnerability to forge SAML messages and gain unauthorized permissions

## Very soon it will become available.

[Poc](https://github.com/absholi7ly/Poc-CVE-2024-32962-xml-crypto/raw/main/poc.mp4)
File Snapshot

 [4.0K]  /data/pocs/f47b5b61bd4560139e240889deb37337f2dcc5c5
├── [ 20M]  poc.mp4
└── [ 286]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.