oss-sec mailing list archives
CVE-2016-6798 : Apache Sling XXE vulnerability
From: Bertrand Delacretaz <bdelacretaz () apache org>
Date: Tue, 18 Jul 2017 12:22:03 +0200
Severity: Important Vendor: The Apache Software Foundation Versions Affected: Sling XSS Protection API 1.0.0 Description: The method XSS.getValidXML() uses an insecure SAX parser to validate the input string, which allows for XXE [0] attacks in all scripts which use this method to validate user input, potentially allowing an attacker to read sensitive data on the filesystem, perform same-site-request-forgery (SSRF), port-scanning behind the firewall or DoS the application. [0] https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Processing Mitigation: Users should upgrade to version 1.0.12 or later of the XSS Protection API module.
Current thread:
- CVE-2016-6798 : Apache Sling XXE vulnerability Bertrand Delacretaz (Jul 18)