andresriancho / w3af

w3af: web application attack and audit framework, the open source web vulnerability scanner.
http://w3af.org/

RCE via Spring Engine SSTI #16327

Open andresriancho opened 6 years ago

andresriancho commented 6 years ago

It would be nice to have a plugin which tests for this vulnerability!

https://hawkinsecurity.com/2017/12/13/rce-via-spring-engine-ssti/

amitsin6h commented 6 years ago

@andresriancho can I take this issue as my first contribution?

andresriancho commented 6 years ago

Sure! How can I help you succeed with the development of this new plugin?