The XML-RPC protocol support in Apache Roller before 5.0.3 allows attackers to conduct XML External Entity (XXE) attacks via unspecified vectors.
References
Link | Resource |
---|---|
https://liftsecurity.io/advisories/Apache_Roller_XML-RPC_susceptible_to_XXE/ | Third Party Advisory URL Repurposed |
https://mail-archives.apache.org/mod_mbox/roller-dev/201401.mbox/%3CCAF1aazCMzDGB12Ls4t-SOwNA=OdguD010LX3yZGhk2GQHafFXw%40mail.gmail.com%3E | |
https://www.exploit-db.com/exploits/45341/ | Exploit Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2017-10-09T14:00:00
Updated: 2018-09-08T09:57:01
Reserved: 2013-12-03T00:00:00
Link: CVE-2014-0030
JSON object: View
NVD Information
Status : Modified
Published: 2017-10-10T01:30:20.250
Modified: 2024-02-14T01:17:43.863
Link: CVE-2014-0030
JSON object: View
Redhat Information
No data.
CWE