OpenMetadata 1.2.3 Authentication Bypass / SpEL Injection Exploit

Main / OpenMetadata 1.2.3 Authentication Bypass / SpEL Injection Exploit

Discription

This Metasploit module exploits OpenMetadata versions 1.2.3 and below by chaining an API authentication bypass using JWT tokens along with a SpEL injection vulnerability to achieve arbitrary command…Read More

References

Back to Main

Subscribe for the latest news: