Spring Web Services, versions 2.4.3, 3.0.4, and older unsupported versions of all three projects, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
pivotal software spring web services |
||
oracle flexcube private banking 12.1.0 |
||
oracle flexcube private banking 12.0.0 |
||
oracle financial services analytical applications infrastructure |