1 | 1 | | # CVE-2022-42889-PoC |
2 | | - | Proof of Concept for CVE-2022-42889 |
| 2 | + | |
| 3 | + | This is Proof of Concept for the vulnerability [CVE-2022-42889](https://nvd.nist.gov/vuln/detail/CVE-2022-42889). This code will run the JavaScript code `195 + 324`. If vulnerable the output should be: |
| 4 | + | |
| 5 | + | ``` |
| 6 | + | Output: 519 |
| 7 | + | ``` |
| 8 | + | |
| 9 | + | In order to run this you will need: |
| 10 | + | * JDK 11 or above |
| 11 | + | * Maven |
| 12 | + | |
| 13 | + | To run this, simply run Maven: |
| 14 | + | |
| 15 | + | ``` |
| 16 | + | mvn clean install |
| 17 | + | ``` |
| 18 | + | |
| 19 | + | The fix for this is to update your instances of `commons-text` to versions `1.10.0` or later. |
3 | 20 | | |