CVE-2014-3579

CVE-2014-3579 is an XML External Entity (XXE) vulnerability in Apache ActiveMQ Apollo 1.x before 1.7.1. Described across multiple sources as allowing a remote attacker to obtain sensitive information by crafting XML data processed by the broker (via an XPath-based selector during dequeue). The pu...