XML External Entity Injection (XXE) Vulnerability in Spring Integration
CVE-2019-3772 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
Spring Integration (spring-integration-xml and spring-integration-ws modules), versions 4.3.18, 5.0.10, 5.1.1, and older unsupported versions, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.
Learn more about our External Network Penetration Testing.