This module exploits a vulnerability in Apache Solr's UpdateRequestHandler (example URL: http://10.1.2.3:8983/solr/update). It inserts a crafted record into the Solr database which will display the XXE contents when queried.

This vulnerability is present in Solr versions prior to 4.1. See CVE-2012-6612 and CVE-2013-6407.