Remote Code Execution

org.noear, solon.serialization.fury is vulnerable to Remote Code Execution. The vulnerability exists in FuryActionExecutor class in the changeBody method because it blindly deserializes data without validation which allows an attacker to inject and execute arbitrary code...