CVE-2011-5245

The readFrom function in providers.jaxb.JAXBXmlTypeProvider in RESTEasy before 2.3.2 allows remote attackers to read arbitrary files via an external entity reference in a Java Architecture for XML Binding JAXB input, aka an XML external entity XXE injection attack, a similar vulnerability to...

CVE-2011-5245

CVE-2011-5245 affects RESTEasy (JBoss REST framework). The vulnerability arises in the readFrom function of providers.jaxb.JAXBXmlTypeProvider, allowing an XML External Entity (XXE) injection that lets an attacker read arbitrary files via an external entity reference in JAXB input. Affected versi...