2 matches found
Xxe
FD Application Apr. 2022 Edition Version 9.01 and earlier improperly restricts XML external entity references XXE. By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker...
Stanford CoreNlp 代码问题漏洞
Stanford CoreNlp is a set of open source, natural language analysis tools written in Java by the Stanford Nlp Group team in the U.S. A security vulnerability exists in Stanford Nlp Group, which stems from improper XML external entity reference restrictions. No details of the vulnerability are...