BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
[RT-SA-2016-008] XML External Entity Expansion in Ladon Webservice Nov 09 2017 12:09PM
RedTeam Pentesting GmbH (release redteam-pentesting de)
Advisory: XML External Entity Expansion in Ladon Webservice

Attackers who can send SOAP messages to a Ladon webservice via the HTTP
interface of the Ladon webservice can exploit an XML external entity expansion
vulnerability and read local files, forge server side requests or overload the
service w...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus