CVE-2018-1308

CVE-2018-1308 is an XML External Entity (XXE) vulnerability in Apache Solr’s DataImportHandler, affecting Solr 1.2–6.6.2 and 7.0–7.2.1. The vulnerability stems from an XXE flaw in the dataConfig parameter of the DataImportHandler, enabling an attacker to read arbitrary local files via file/ftp/ht...