XML external entity (XXE) vulnerability in the XML converter setup in converter/jaxp/XmlConverter.java in Apache Camel prior to 2.13.4 and 2.14.x prior to 2.14.2 allows remote malicious users to read arbitrary files via an external entity in an SAXSource.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache camel 2.14.0 |
||
apache camel |
||
apache camel 2.14.1 |