2 matches found
xml-security: XPath Transform abuse allows for information disclosure
All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any...
The vulnerability of the XML Security Library, related to bypassing authentication through spoofing, allows attackers to compromise data integrity.
The vulnerability of the XML Security Library relates to the bypassing of authentication mechanisms through spoofing. Exploiting this vulnerability allows a malicious actor to compromise data integrity remotely...