Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Jboss EAP Improper Restriction of XML External Entity Reference Vulnerability - CVE-2017-7464 - Vulnerability Database
Jboss EAP

Jboss EAP Improper Restriction of XML External Entity Reference Vulnerability - CVE-2017-7464

Critical
Reference: CVE-2017-7464
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2017-7464
Title: Jboss EAP Improper Restriction of XML External Entity Reference Vulnerability
Overview:

It was found that the JAXP implementation used in JBoss EAP 7.0 for SAX and DOM parsing is vulnerable to certain XXE flaws. An attacker could use this flaw to cause DoS SSRF or information disclosure if they are able to provide XML content for parsing.