Support #2991
Support #2696: security review
ensure that all XML parsing is done securely
Status:
New
Priority:
Normal
Assignee:
-
Target version:
-
Start date:
Due date:
% Done:
0%
billable:
No
vendor_id:
GCD
case_num:
History
#2 Updated by Greg Shah about 8 years ago
A useful quote from one of the above articles:
"Java applications using XML libraries are particularly vulnerable to XXE because the default settings for most Java XML parsers is to have XXE enabled. To use these parsers safely, you have to explicitly disable XXE in the parser you use."
#3 Updated by Greg Shah about 8 years ago
- Tracker changed from Bug to Support