XML External Entity (XXE)

Raml parser is vulnerable to XML external entity attacks. The attack is possible because an XML input containing a reference to an external entity is not blocked by the XML parser, allowing an attacker to inject malicious XML files to retrieve system files or perform requests on behalf of the...