XML External Entity (XXE) Vulnerability in Apache Camel XML Converter
CVE-2015-0263 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
XML external entity (XXE) vulnerability in the XML converter setup in converter/jaxp/XmlConverter.java in Apache Camel before 2.13.4 and 2.14.x before 2.14.2 allows remote attackers to read arbitrary files via an external entity in an SAXSource.
Learn more about our Cis Benchmark Audit For Apache Http Server.