Jackrabbit@2.6.1 Security Vulnerabilities and Issues — Jackrabbit@2.6.1 CVE List

Lucene search

ApacheJackrabbit2.6.1

2 matches found

CVE•added 2015/05/29 3:59 p.m.•102 views

CVE-2015-1833

XML external entity (XXE) vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10.x before 2.10.1 allows remote attackers to read arbitrary files and send requests to intranet servers via a crafted WebDAV request.

6.4CVSS6.4AI score0.30217EPSS

CVE•added 2016/09/21 2:25 p.m.•59 views

CVE-2016-6801

Cross-site request forgery (CSRF) vulnerability in the CSRF content-type check in Jackrabbit-Webdav in Apache Jackrabbit 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.3, 2.10.x before 2.10.4, 2.12.x before 2.12.4, and 2.13.x before 2.13.3 allows remote attackers to hijack the authenticat...

8.8CVSS8.8AI score0.0036EPSS