[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] CVE-2016-6798 : Apache Sling XXE vulnerability
From: Bertrand Delacretaz <bdelacretaz () apache ! org>
Date: 2017-07-18 10:22:03
Message-ID: CAEWfVJkLfoDJ-VjddTo_Vb70q4M+tN2GvpabRDR_iPdCAFtY1Q () mail ! gmail ! com
[Download RAW message or body]
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
Sling XSS Protection API 1.0.0
Description:
The method XSS.getValidXML() uses an insecure SAX parser to validate
the input string, which allows for XXE [0] attacks in all scripts
which use this method to validate user input, potentially allowing an
attacker to read sensitive data on the filesystem, perform
same-site-request-forgery (SSRF), port-scanning behind the firewall or
DoS the application.
[0] https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Processing
Mitigation:
Users should upgrade to version 1.0.12 or later of the XSS Protection
API module.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic