CVE-2023-45612

This repository contains a functional proof-of-concept for CVE-2023-45612, demonstrating an XXE (XML External Entity) vulnerability in Ktor 2.2.3. The PoC includes a server setup and a Python script to test both valid XML and malicious XXE payloads.

This repository contains a functional Python script that exploits CVE-2023-45612, an XXE vulnerability in JetBrains Ktor before 2.3.5. The PoC constructs a malicious XML payload to read arbitrary files from the target system via an external entity reference.

This repository contains a functional XXE (XML External Entity) exploit PoC for CVE-2023-45612, targeting a Ktor-based application. The Python script sends a crafted XML payload to read arbitrary files from the server.

This repository provides a detailed technical analysis of CVE-2023-45612, an XXE vulnerability in Ktor's ContentNegotiation feature. It includes a description of the root cause, reproduction steps, and prevention guidelines, but lacks functional exploit code.

This repository contains a functional PoC for CVE-2023-45612, demonstrating an XXE vulnerability in Ktor's ContentNegotiation feature. The PoC includes a vulnerable Ktor server and a Python client that exploits the XXE to achieve LFI by reading a file from the server.

This repository contains a functional exploit PoC for CVE-2023-45612, an XXE vulnerability in Ktor's ContentNegotiation XML processing. The PoC includes a Python script that demonstrates both file disclosure and SSRF attacks via crafted XML payloads.

This repository contains a functional proof-of-concept for CVE-2023-45612, demonstrating an XXE vulnerability in JetBrains Ktor versions before 2.3.5. The PoC includes a vulnerable Ktor server setup and an exploit XML payload to read arbitrary files from the server.

This repository provides a detailed technical analysis of CVE-2023-45612, an XXE vulnerability in Ktor's XML serialization. It includes a step-by-step reproduction guide, demonstrating how an attacker can exploit the vulnerability to read sensitive files on the server.