Download
| Alert*
ALAS2-2018-1041 --- xmlrpc
A flaw was discovered in the Apache XML-RPC library that deserializes untrusted data when enabledForExtensions setting is enabled. A remote attacker could use this vulnerability to execute arbitrary code via a crafted serialized Java object in a lt;ex:serializablegt; element.
|