Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Jboss EAP Improper Restriction of XML External Entity Reference Vulnerability - CVE-2017-7503 - Vulnerability Database
Jboss EAP

Jboss EAP Improper Restriction of XML External Entity Reference Vulnerability - CVE-2017-7503

Critical
Reference: CVE-2017-7503
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2017-7503
Title: Jboss EAP Improper Restriction of XML External Entity Reference Vulnerability
Overview:

It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks or read files from the server where EAP is deployed.