XML external entity (XXE) vulnerability in Apache Jackrabbit prior to 2.0.6, 2.2.x prior to 2.2.14, 2.4.x prior to 2.4.6, 2.6.x prior to 2.6.6, 2.8.x prior to 2.8.1, and 2.10.x prior to 2.10.1 allows remote malicious users to read arbitrary files and send requests to intranet servers via a crafted WebDAV request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache jackrabbit 2.2.10 |
||
apache jackrabbit 2.2.9 |
||
apache jackrabbit 2.2.0 |
||
apache jackrabbit 2.4.5 |
||
apache jackrabbit 2.6.4 |
||
apache jackrabbit 2.6.3 |
||
apache jackrabbit |
||
apache jackrabbit 2.2.13 |
||
apache jackrabbit 2.2.5 |
||
apache jackrabbit 2.2.4 |
||
apache jackrabbit 2.4.2 |
||
apache jackrabbit 2.4.1 |
||
apache jackrabbit 2.8.0 |
||
apache jackrabbit 2.10.0 |
||
apache jackrabbit 2.2.12 |
||
apache jackrabbit 2.2.11 |
||
apache jackrabbit 2.2.2 |
||
apache jackrabbit 2.2.1 |
||
apache jackrabbit 2.4.0 |
||
apache jackrabbit 2.6.5 |
||
apache jackrabbit 2.2.8 |
||
apache jackrabbit 2.2.7 |
||
apache jackrabbit 2.4.4 |
||
apache jackrabbit 2.4.3 |
||
apache jackrabbit 2.6.2 |
||
apache jackrabbit 2.6.1 |
||
apache jackrabbit 2.6.0 |