XML Entity Expansion (XEE) Attack in Restlet Framework 2.1.x and 2.x.x
CVE-2014-1868 · MEDIUM Severity
AV:N/AC:L/AU:N/C:N/I:N/A:P
Restlet Framework 2.1.x before 2.1.7 and 2.x.x before 2.2 RC1, when using XMLRepresentation or XML serializers, allows attackers to cause a denial of service via an XML Entity Expansion (XEE) attack.
Learn more about our Web Application Penetration Testing UK.