Apache

Solr

47 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 2.69%
  • Veröffentlicht 15.02.2016 02:59:15
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple cross-site scripting (XSS) vulnerabilities in the Admin UI in Apache Solr before 5.1 allow remote attackers to inject arbitrary web script or HTML via crafted fields that are mishandled during the rendering of the (1) Analysis page, related ...

  • EPSS 4.7%
  • Veröffentlicht 06.01.2015 15:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Cross-site scripting (XSS) vulnerability in the Admin UI Plugin / Stats page in Apache Solr 4.x before 4.10.3 allows remote attackers to inject arbitrary web script or HTML via the fieldvaluecache object.

  • EPSS 10.08%
  • Veröffentlicht 07.12.2013 21:55:09
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The (1) UpdateRequestHandler for XSLT or (2) XPathEntityProcessor in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related ...

  • EPSS 11.4%
  • Veröffentlicht 07.12.2013 20:55:02
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The DocumentAnalysisRequestHandler in Apache Solr before 4.3.1 does not properly use the EmptyEntityResolver, which allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an en...

  • EPSS 11.4%
  • Veröffentlicht 07.12.2013 20:55:02
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The UpdateRequestHandler for XML in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) i...

Exploit
  • EPSS 56.26%
  • Veröffentlicht 07.12.2013 20:55:02
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Directory traversal vulnerability in SolrResourceLoader in Apache Solr before 4.6 allows remote attackers to read arbitrary files via a .. (dot dot) or full pathname in the tr parameter to solr/select/, when the response writer (wt parameter) is set ...

  • EPSS 2%
  • Veröffentlicht 28.10.2009 10:30:00
  • Zuletzt bearbeitet 16.06.2026 23:12:25

Cross-site scripting (XSS) vulnerability in the Apache Solr Search (solr) extension 1.0.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.