berdario
commented
8 years ago Thank you, but I noticed that the vulnerability is still exploitable
Btw, this vuln has been assigned id CVE-2016-6521
Closed berdario closed 8 years ago
berdario
commented
8 years ago Thank you, but I noticed that the vulnerability is still exploitable
Btw, this vuln has been assigned id CVE-2016-6521
berdario
commented
8 years ago Thank you, I confirm that now this functionality appears secure.
Here's the POC people can use to check if they're vulnerable (just check if your browser network inspector if you're receiving back a 403 when visiting the poc page)
Same issue as https://github.com/sheehan/grails-console/issues/24 which was unfortunately not recognized for the severe bug that it is.
Yesterday I explained privately the issue to @sheehan and supplied him a POC. Will add the same information here once a fix is released (or otherwise to expedite its release), but for now this issue should merely serve to keep track of it publicly