Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Play Framework Improper Restriction of XML External Entity Reference Vulnerability - CVE-2014-3630 - Vulnerability Database
Play Framework

Play Framework Improper Restriction of XML External Entity Reference Vulnerability - CVE-2014-3630

Critical
Reference: CVE-2014-3630
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2014-3630
Title: Play Framework Improper Restriction of XML External Entity Reference Vulnerability
Overview:

XML external entity (XXE) vulnerability in the Java XML processing functionality in Play before 2.2.6 and 2.3.x before 2.3.5 might allow remote attackers to read arbitrary files cause a denial of service or have unspecified other impact via crafted XML data.