CVE-2014-8125

2015-04-21T13:59:02
ID CVE-2014-8125
Type cve
Reporter NVD
Modified 2015-05-26T13:56:16

Description

XML external entity (XXE) vulnerability in Drools and jBPM before 6.2.0 allows remote attackers to read arbitrary files or possibly have other unspecified impact via a crafted BPMN2 file.