Download
| Alert*
CVE-2017-3164 -- libsolr-java
Server Side Request Forgery in Apache Solr, versions 1.3 until 7.6 . Since the "shards" parameter does not have a corresponding whitelist mechanism, a remote attacker with access to the server could make Solr perform an HTTP GET request to any reachable URL.
|