Apache Solr 7.0.1 XXE Injection / Code Execution
First Vulnerability: XML External Entity Expansion (deftype=xmlparser). Lucene includes a query parser that is able to create the full spectrum of Lucene queries, using an XML data structure. Starting from version 5.1, Solr supports the "xml" query parser in the search query. The problem is that lucene x...
FreeBSD : solr -- Code execution via entity expansion (e837390d-0ceb-46b8-9b32-29c1195f5dc7)
Solr developers report: Lucene XML parser does not explicitly prohibit doctype declaration and expansion of external entities which leads to arbitrary HTTP requests to the local SOLR instance and to bypass all firewall restrictions. Solr 'RunExecutableListener' class can be used to execute...