Description
org.jboss.as.jaxrs.deployment.JaxrsIntegrationProcessor in Red Hat JBoss Enterprise Application Platform (JEAP) before 6.2.4 enables entity expansion, which allows remote attackers to read arbitrary files via unspecified vectors, related to an XML External Entity (XXE) issue.
Remediation
References
Related Vulnerabilities
WordPress Plugin Brizy-Page Builder Unspecified Vulnerability (2.4.45)
WordPress Plugin VK All in One Expansion Unit Cross-Site Scripting (9.85.0.1)
MySQL CVE-2016-5507 Vulnerability (CVE-2016-5507)
Liferay DXP Session Fixation Vulnerability (CVE-2023-47798)
Atlassian Jira CVE-2019-20403 Vulnerability (CVE-2019-20403)