Apache Karaf CVE-2018-11788 XML External Entity Injection Vulnerability
Apache Karaf is prone to an XML External Entity injection vulnerability.
Attackers can exploit this issue to bypass security restrictions or obtain potentially sensitive information. This may lead to further attacks.
The following versions of product are vulnerable:
Apache Karaf 4.1.0 through 4.1.6
Apache Karaf 4.2.0 and 4.2.1