XML External Entity (XXE) Vulnerability in Apache Camel XML Converter

XML External Entity (XXE) Vulnerability in Apache Camel XML Converter

CVE-2015-0263 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

XML external entity (XXE) vulnerability in the XML converter setup in converter/jaxp/XmlConverter.java in Apache Camel before 2.13.4 and 2.14.x before 2.14.2 allows remote attackers to read arbitrary files via an external entity in an SAXSource.

Learn more about our Cis Benchmark Audit For Apache Http Server.