Vulnerabilities

CVE-2017-7545

by Fred · 26/07/2018

It was discovered that the XmlUtils class in jbpmmigration 6.5 performed expansion of external parameter entities while parsing XML files. A remote attacker could use this flaw to read files accessible to the user running the application server and, potentially, perform other more advanced XML eXternal Entity (XXE) attacks.

Date published : 2018-07-26

http://www.securityfocus.com/bid/102179

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7545

Similar

Tags: Cybersecurity Alert