CVE-2017-16665

RemObjects Remoting SDK 9 1.0.0.0 for Delphi is vulnerable to a reflected Cross Site Scripting (XSS) attack via the service parameter to the /soap URI, as described in CVE-2017-16665. The issue arises when processing a request that triggers an invalid attempt to generate WSDL, enabling injection ...