RSS   Vulnerabilities for 'Xstream'   RSS

2016-05-17
 
CVE-2016-3674

CWE-200
 

 
Multiple XML external entity (XXE) vulnerabilities in the (1) Dom4JDriver, (2) DomDriver, (3) JDomDriver, (4) JDom2Driver, (5) SjsxpDriver, (6) StandardStaxDriver, and (7) WstxDriver drivers in XStream before 1.4.9 allow remote attackers to read arbitrary files via a crafted XML document.

 


Copyright 2024, cxsecurity.com

 

Back to Top