2 matches found
dashbuilder: XXE/SSRF vulnerability
A flaw was found in the dashbuilder import facility: the DocumentBuilders instantiated in org.jboss.dashboard.export.ImportManagerImpl did not disable external entities. This could allow an attacker to perform a variety of XML External Entity XXE and Server-Side Request Forgery SSRF attacks...
dashbuilder: XXE/SSRF vulnerability
A flaw was found in the dashbuilder import facility: the DocumentBuilders instantiated in org.jboss.dashboard.export.ImportManagerImpl did not disable external entities. This could allow an attacker to perform a variety of XML External Entity XXE and Server-Side Request Forgery SSRF attacks...