XML External Entity (XXE) Vulnerability in XML Parser for REST Server

XML External Entity (XXE) Vulnerability in XML Parser for REST Server

CVE-2018-1000823 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

exist version <= 5.0.0-RC4 contains a XML External Entity (XXE) vulnerability in XML Parser for REST Server that can result in Disclosure of confidential data, denial of service, SSRF, port scanning.

Learn more about our Cis Benchmark Audit For Server Software.