2 matches found
XML External Entity (XXE) Injection
print-lib/print-servlet is vulnerable to XML External Entity XXE injection. A remote attacker is able to inject untrusted XML entity via tryLoadSLD as SDL parser does not disable DTDs...
Cross-Site Scripting (XSS)
print-lib/print-servlet is vulnerable to cross-site scripting. A remote attacker is able to inject and execute Javascript in a user's browser via JSONP...