This paper documents deeper dive details of the security implications noted in CVE-2017-3241. Coupled with the JtaTransactionManager flaw from 2016, it demonstrates being able to achieve remote code execution.
This paper documents deeper dive details of the security implications noted in CVE-2017-3241. Coupled with the JtaTransactionManager flaw from 2016, it demonstrates being able to achieve remote code execution.