CVE-2016-6798

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2016-6798

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-6798.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2016-6798

Aliases

GHSA-7g54-vgp6-jj5w

Published

2017-07-19T15:29:00Z

Modified

2024-09-03T00:03:00Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

In the XSS Protection API module before 1.0.12 in Apache Sling, the method XSS.getValidXML() uses an insecure SAX parser to validate the input string, which allows for XXE attacks in all scripts which use this method to validate user input, potentially allowing an attacker to read sensitive data on the filesystem, perform same-site-request-forgery (SSRF), port-scanning behind the firewall or DoS the application.

References

Affected packages

Git / github.com/apache/sling

Affected ranges

Type: GIT
Repo: https://github.com/apache/sling
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

9e2b822a5a7ef2c30ab58230a9859267fd1588e4