| 1 | 1 | | # CVE-2022-42889-PoC |
| 2 | | - | Proof of Concept for CVE-2022-42889 |
| | 2 | + | |
| | 3 | + | This is Proof of Concept for the vulnerability [CVE-2022-42889](https://nvd.nist.gov/vuln/detail/CVE-2022-42889). This code will run the JavaScript code `195 + 324`. If vulnerable the output should be: |
| | 4 | + | |
| | 5 | + | ``` |
| | 6 | + | Output: 519 |
| | 7 | + | ``` |
| | 8 | + | |
| | 9 | + | In order to run this you will need: |
| | 10 | + | * JDK 11 or above |
| | 11 | + | * Maven |
| | 12 | + | |
| | 13 | + | To run this, simply run Maven: |
| | 14 | + | |
| | 15 | + | ``` |
| | 16 | + | mvn clean install |
| | 17 | + | ``` |
| | 18 | + | |
| | 19 | + | The fix for this is to update your instances of `commons-text` to versions `1.10.0` or later. |
| 3 | 20 | | |
Sean Wright
committed
with
GitHub
2 years ago
1 parent f65f09ed