Full title: OpenMetadata 1.2.3 Authentication Bypass / SpEL Injection Exploit 
Category: remote exploits
Platform: linux
This Metasploit module exploits OpenMetadata versions 1.2.3 and below by chaining an API authentication bypass using JWT tokens along with a SpEL injection vulnerability to achieve arbitrary command execution.

# 0day.today @ http://0day.today/