XML External Entity (XXE) Vulnerability in OSCI-Transport Library 1.2

XML External Entity (XXE) Vulnerability in OSCI-Transport Library 1.2

CVE-2017-10670 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

An XML External Entity (XXE) issue exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 (Java) and OSCI Transport Library 1.6 (.NET), exploitable by sending a crafted standard-conforming OSCI message from within the infrastructure.

Learn more about our External Network Penetration Testing.