Harry Withington

2 exploits Active since Apr 2023

CVE-2022-43769 METASPLOIT HIGH ruby WORKING POC

Pentaho Business Server Auth Bypass and Server Side Template Injection RCE

Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x allow certain web services to set property values which contain Spring templates that are interpreted downstream.

CVSS 8.8

View Code

CVE-2022-43939 METASPLOIT HIGH ruby WORKING POC

Hitachi Vantara Pentaho <9.4.0.1-9.3.0.2 - SSRF

Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x contain security restrictions using non-canonical URLs which can be circumvented.

CVSS 8.6

View Code