XML External Entity (XXE) Vulnerability in Castor SAX Parser
CVE-2014-3004 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:N/A:N
The default configuration for the Xerces SAX Parser in Castor before 1.3.3 allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XML document.
Learn more about our External Network Penetration Testing.