This article is the first article and the only article that thoroughly anaylzes and produces CVE-2021-26690.
It is a great demostration on how to analyze and reproduce CVEs that are not publi
Also, during the process, I also found a security-in-depth problem for its fix and issued a pull request for the apache project.
This CVE is not public disclosed anywhere and has been used as an online accessment for a security engineer position.
Proceed only when you do not have such a task.
The password is md5(my-linkedin-headline) -> md5(current ***** Alumnus)