The gadget renderer in Apache Shindig 2.5.0 for PHP allows remote malicious users to obtain sensitive information via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache shindig 2.5.0 |