Skip to content

Commit

Permalink
Fix description of CVE-2020-26259.
Browse files Browse the repository at this point in the history
joehni committed Mar 17, 2021
1 parent a4e33c5 commit 82ff866
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion xstream-distribution/src/content/CVE-2020-26259.html
Original file line number Diff line number Diff line change
@@ -29,7 +29,7 @@ <h2 id="description">Description</h2>

<p>The processed stream at unmarshalling time contains type information to recreate the formerly written objects.
XStream creates therefore new instances based on these type information. An attacker can manipulate the processed
input stream and replace or inject objects, that result in a server-side forgery request.</p>
input stream and replace or inject objects, that result in the deletion of a file on the local host.</p>

<h2 id="reproduction">Steps to Reproduce</h2>

0 comments on commit 82ff866

Please sign in to comment.