RSS   Vulnerabilities for 'Processing'   RSS

2018-12-20
 
CVE-2018-1000840

CWE-611
 

 
Processing Foundation Processing version 3.4 and earlier contains a XML External Entity (XXE) vulnerability in loadXML() function that can result in An attacker can read arbitrary files and exfiltrate their contents via HTTP requests. This attack appear to be exploitable via The victim must use Processing to parse a crafted XML document.

 


Copyright 2024, cxsecurity.com

 

Back to Top