Jay Jacobs Co-Founder and Data Scientist and Wade Baker Co-Founder; Data Storyteller from The Cyentia Institute come on the show to talk about The Exploit Prediction Scoring System (EPSS).
This segment is sponsored by Eclypsium. Visit https://securityweekly.com/eclypsium to learn more about them!
The vulnerability arose from the incorrect application of XPath evaluation and could be leveraged to facilitate remote code execution across all GeoServer implementations.
While Microsoft dubbed the flaw as a high-severity spoofing bug, such an issue was disclosed by ZDI to be a remote code execution vulnerability that requires a higher severity rating.