CVE-2015-3160

2017-09-06T17:29:00
ID CVE-2015-3160
Type cve
Reporter NVD
Modified 2017-09-09T16:41:12

Description

XML external entity (XXE) vulnerability in bkr/server/jobs.py in Beaker before 20.1 allows remote authenticated users to obtain sensitive information via submitting job XML to the server containing entity references which reference files from the Beaker server's file system.