CVE-2018-1000822

CRITICAL

codelibs fess < 12.2.3 and 12.3.0-12.3.1 - XML External Entity Injection in GSA XML File Parser

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2018-1000822. PoCs published by dawetmaster, andikahilmy.

AI-analyzed exploit summary This repository contains a vulnerable version of Fess, an enterprise search server, which is affected by CVE-2018-1000822. The repository includes the full source code and build configuration, allowing researchers to compile and test the vulnerable application.

Description

codelibs fess version before commit faa265b contains a XML External Entity (XXE) vulnerability in GSA XML file parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via specially crafted GSA XML files. This vulnerability appears to have been fixed in after commit faa265b.

Exploits (2)

nomisec WORKING POC
by dawetmaster · poc
https://github.com/dawetmaster/CVE-2018-1000822-fess-vulnerable

This repository contains a vulnerable version of Fess, an enterprise search server, which is affected by CVE-2018-1000822. The repository includes the full source code and build configuration, allowing researchers to compile and test the vulnerable application.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Fess (versions prior to the fix for CVE-2018-1000822)
No auth needed
Prerequisites: Java runtime environment · Maven for building the project
devstral-2 · analyzed Mar 14, 2026 Full analysis →
nomisec WORKING POC
by andikahilmy · poc
https://github.com/andikahilmy/CVE-2018-1000822-fess-vulnerable

This repository contains a vulnerable version of Fess, an enterprise search server, which is affected by CVE-2018-1000822. The repository includes the full source code and build configuration, allowing researchers to compile and test the vulnerable application for exploit development or analysis.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Fess (versions prior to the fix for CVE-2018-1000822)
No auth needed
Prerequisites: Java runtime environment · Maven for building the project
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2
Core References
Third Party Advisory x_refsource_misc
https://0dd.zone/2018/10/27/fess-XXE/
Issue Tracking, Patch, Third Party Advisory x_refsource_misc
https://github.com/codelibs/fess/issues/1851

Scores

CVSS v3 10.0
EPSS 0.0024
EPSS Percentile 48.2%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Details

CWE
CWE-611
Status published
Products (2)
codelibs/fess < 12.2.3
org.codelibs.fess/fess 0 - 12.3.2Maven
Published Dec 20, 2018
Tracked Since Feb 18, 2026