-
Bug
-
Resolution: Fixed
-
P4
-
None
-
JMC 8.2 Sprint 2
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JMC-7424 | 8.1.1 | Marcus Hirt | P4 | Resolved | Fixed | |
JMC-7711 | 8.0.1 | Marcus Hirt | P4 | Resolved | Fixed |
Our security vulnerabilities scanner found insecure XML parsing:
Type of attack: XML External Entity(XXE) injection (https://owasp.org/www-community/vulnerabilities/XML_External_Entity_(XXE)_Processing)
Prevention: https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html