漏洞描述
Elasticsearch Groovy Scripting Engine Sandbox 安全绕过漏洞
Elasticsearch Groovy Scripting Engine Sandbox 安全绕过漏洞
PoC代码
暂无相关漏洞推荐
- WordPress AI Engine /wp-json/mcp/v1 信息泄露漏洞(CVE-2025-11749)
- POC CVE-2019-14950: WP Live Chat Support <= 8.0.27 — Stored Cross-Site Scripting
- POC CVE-2021-37415: Zoho ManageEngine ServiceDesk Plus - Authentication Bypass
- POC CVE-2022-0879: Caldera Forms < 1.9.7 - Reflected Cross-Site Scripting
- POC CVE-2023-3388: Beautiful Cookie Consent Banner < 2.10.2 - Cross-Site Scripting
- POC CVE-2025-11307: WP Google Maps < 9.0.48 - Cross-Site Scripting
- POC CVE-2025-5301: ONLYOFFICE Docs (DocumentServer) - Reflected Cross-Site Scripting
- POC CVE-2023-38875: PHP Login System 2.0.1 - Cross-Site Scripting
- POC CVE-2025-27915: Zimbra - Cross-Site Scripting via ICS Files
- POC CVE-2022-29081: Zoho ManageEngine - Access Control Bypass
- POC CVE-2025-11749: WordPress AI Engine Plugin - Token Exposure
- POC CVE-2025-51990: XWiki – Stored Cross-Site Scripting (XSS)
- POC CVE-2024-50857: GestioIP - Reflected Cross-Site Scripting