Security Bulletin: IBM Forms Experience Builder is vulnerable to XML External Entity (XXE) Processing (CVE-2016-0369)

Summary IBM Forms Experience Builder is vulnerable to an XML External Entity processing exposure potentially leading to information disclosure. Vulnerability Details CVEID : CVE-2016-0369 DESCRIPTION : IBM Forms Experience Builder could allow a remote attacker to obtain sensitive information,...

CVE-2016-0369

IBM Forms Experience Builder versions 8.5, 8.5.1 and 8.6 are affected by an XML External Entity (XXE) processing vulnerability. The root cause is XXE when processing XML data, which could allow a remote authenticated attacker to obtain sensitive information. The CVSS v3 base score is 2.7 (LOW). R...