This module exploits a vulnerability in Apache Solr's UpdateRequestHandler (example URL: http://10.1.2.3:8983/solr/update).

This vulnerability is present in Solr versions prior to 4.1. See CVE-2012-6612 and CVE-2013-6407.

This module takes advantage of an error message returned by Solr which includes the entire XML request that was sent, with external entities expanded. 