XML External Entity (XXE) vulnerability in JaxrsIntegrationProcessor in Red Hat JBoss Enterprise Application Platform (JEAP) before 6.2.4

XML External Entity (XXE) vulnerability in JaxrsIntegrationProcessor in Red Hat JBoss Enterprise Application Platform (JEAP) before 6.2.4

CVE-2014-3481 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

org.jboss.as.jaxrs.deployment.JaxrsIntegrationProcessor in Red Hat JBoss Enterprise Application Platform (JEAP) before 6.2.4 enables entity expansion, which allows remote attackers to read arbitrary files via unspecified vectors, related to an XML External Entity (XXE) issue.

Learn more about our External Network Penetration Testing.