IBM Traveler 8.x and 9.x prior to 9.0.1.12 allows remote authenticated users to read arbitrary files or cause a denial of service (memory consumption) via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm traveler 9.0.1 |
||
ibm traveler 9.0 |
||
ibm traveler 8.5.3 |