Summary
SOAPpy is prone to an information-disclosure
vulnerability
Impact
An attacker can exploit this issue to obtain sensitive information
this may lead to further attacks.
Solution
Ask the vendor for an update.
Insight
Processing of an external entity containing tainted data may lead to disclosure of confidential information and other system impacts.
Affected
SOAPpy <= 0.12.5 is vulnerable.
Detection
Send a special crafted HTTP POST XXE request and check the response.
References
Updated on 2015-03-25
