6 matches found
GHSA-CVJ4-G3GX-8VQQ Restlet Framework allows remote attackers to access arbitrary files via a crafted REST API HTTP request
Restlet Framework before 2.3.12 allows remote attackers to access arbitrary files via a crafted REST API HTTP request that conducts an XXE attack, because only general external entities not parameter external entities are properly considered. This is related to XmlRepresentation, DOMRepresentatio...
CVE-2017-14949
Restlet Framework before 2.3.12 allows remote attackers to access arbitrary files via a crafted REST API HTTP request that conducts an XXE attack, because only general external entities not parameter external entities are properly considered. This is related to XmlRepresentation, DOMRepresentatio...
CVE-2017-14949
Restlet Framework before 2.3.12 allows remote attackers to access arbitrary files via a crafted REST API HTTP request that conducts an XXE attack, because only general external entities not parameter external entities are properly considered. This is related to XmlRepresentation, DOMRepresentatio...
CVE-2017-14949
Restlet Framework before 2.3.12 allows remote attackers to access arbitrary files via a crafted REST API HTTP request that conducts an XXE attack, because only general external entities not parameter external entities are properly considered. This is related to XmlRepresentation, DOMRepresentatio...
CVE-2017-14949
Restlet Framework before 2.3.12 allows remote attackers to access arbitrary files via a crafted REST API HTTP request that conducts an XXE attack, because only general external entities not parameter external entities are properly considered. This is related to XmlRepresentation, DOMRepresentatio...
CVE-2017-14949
Restlet Framework before 2.3.12 is affected by CVE-2017-14949, allowing remote attackers to access arbitrary files via a crafted REST API HTTP request that triggers an XXE attack. The vulnerability is linked to XML representations (XmlRepresentation, DOMRepresentation, SaxRepresentation) and Jack...