XML external entity (XXE) vulnerability in StaxXMLFactoryProvider2 in Odata4j, as used in Red Hat JBoss Data Virtualization prior to 6.0.0 patch 4, allows remote malicious users to read arbitrary files via a crafted request to a REST endpoint.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat jboss data virtualization |
||
odata4j project odata4j - |