Is there a demonstration of the exploit? I'd like to try it
> Sent: Tuesday, July 11, 2023 at 6:44 PM
> From: "Andy Seaborne"
> To: annou...@apache.org, users@jena.apache.org
> Subject: CVE-2023-32200: Apache Jena: Exposure of execution in script engine
> expressions
Severity: important
Affected versions:
- Apache Jena 3.7.0 through 4.8.0
Description:
There is insufficient restrictions of called script functions in Apache Jena
versions 4.8.0 and earlier. It allows a
remote user to execute javascript via a SPARQL query.
This issue affects Apache Jena: