3 matches found
CVE-2016-4312
CVE-2016-4312 affects WSO2 Identity Server 5.1.0 prior to WSO2-CARBON-PATCH-4.4.0-0231. The issue is an XML External Entity (XXE) vulnerability in the XACML flow feature that allows remote authenticated users with XACML access to read arbitrary files, cause a denial of service, perform SSRF, or i...
CVE-2016-4312
creationtimestamp| type| source ---|---|--- 2016-08-16 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/40239...
WSO2 Identity Server 5.1.0 XML Injection
Credits: John Page aka HYP3RLINX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WSO2-IDENTITY-SERVER-v5.1.0-XML-External-Entity.txt + ISR: ApparitionSec Vendor: ============= www.wso2.com Product: ============================ Wso2 Identity Server v5.1.0...