Apache Jackrabbit XXE Vulnerability in WebDAV Request

CVE-2015-1833 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:P/A:N

XML external entity (XXE) vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10.x before 2.10.1 allows remote attackers to read arbitrary files and send requests to intranet servers via a crafted WebDAV request.

Learn more about our Cis Benchmark Audit For Apache Http Server.