Skip to content

Instantly share code, notes, and snippets.

View openolat.md

OpenOlat

During a night of research for an internal presentation about Java deserialization issues, I stumbled upon OpenOlat - a Java-based E-Learning platform used by multiple universities and institutions [0].

A cursory inspection of the OpenOlat code base using the powerful code analysis tool grep revealed, that the solution is vulnerable to unsafe deserialization of user data and path traversal in the handling of archive files, both of which leading to arbitrary code execution. In the following, a brief description of the vulnerabilities and a