Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

xxe #770

Closed
QiAnXinCodeSafe opened this issue Jun 11, 2019 · 0 comments
Closed

xxe #770

QiAnXinCodeSafe opened this issue Jun 11, 2019 · 0 comments
Assignees
@ljnelson
Labels
bug Something isn't working MP P1

Comments

@QiAnXinCodeSafe
Copy link

JpaExtension.java
图片

The xml external entity is not disabled when parsing the xml. When parsing the xml controlled by the attacker, there is an xml external entity injection risk.
@ljnelson ljnelson mentioned this issue Jun 11, 2019
Merged
@ljnelson ljnelson added bug Something isn't working P1 labels Jun 11, 2019
@ljnelson ljnelson added the MP label Jun 11, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ljnelson ljnelson

Labels
bug Something isn't working MP P1
Projects
Backlog
Archived in project
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ljnelson @QiAnXinCodeSafe