Xxe

drools =7.59.x is affected by an XML External Entity XXE vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly, resulting in the XXE injection vulnerability...

drools 代码问题漏洞

drools is KIE open source a business rules management system . Open source rules engine, DMN engine and Complex Event Processing CEP engine for Java and JVM platforms. A security vulnerability exists in drools 7.59.x and earlier versions , the vulnerability stems from the Validator class in...

PT-2022-11391 · Drools +1 · Drools +1

Name of the Vulnerable Software and Affected Versions: drools versions prior to 7.60 Description: The issue is related to an XML External Entity XXE vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly, resulting in the XXE injection vulnerability. Recommendations:...