CVE-2016-15011
The CVE-2016-15011 issue affects e-Contract dssp up to 1.3.1, specifically the function checkSignResponse in dssp-client/src/main/java/be/e_contract/dssp/client/SignResponseVerifier.java. The root cause is a vulnerability leading to XML External Entity (XXE) reference. A fix is available in dssp ...