On 13.10.2017 15:13, Rick Leir wrote: > Hi all, > What is the earliest version which was vulnerable? > Thanks -- Rick >
As far as i can understand, to exploit both vulnerabilities, you need Solr 5.1 or above (xml query parser), but the RunExecutableListener was also present in Solr 3.X. But i dont know when the config api was introduced.
signature.asc
Description: OpenPGP digital signature
