Critical XXE Vulnerability in SimpleXML 2.7.1: Exploiting SSRF, Information Disclosure, and DoS

Critical XXE Vulnerability in SimpleXML 2.7.1: Exploiting SSRF, Information Disclosure, and DoS

CVE-2017-1000190 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:P

SimpleXML (latest version 2.7.1) is vulnerable to an XXE vulnerability resulting SSRF, information disclosure, DoS and so on.

Learn more about our Web Application Penetration Testing UK.