CVE-2017-7545

CVE-2017-7545

It was discovered that the XmlUtils class in jbpmmigration 6.5 performed expansion of external parameter entities while parsing XML files. A remote attacker could use this flaw to read files accessible to the user running the application server and, potentially, perform other more advanced XML eXternal Entity (XXE) attacks.

Source: CVE-2017-7545

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다