Description
It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed.
Remediation
References
Related Vulnerabilities
Perl Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-2827)
WordPress Plugin WP-Cal 'id' Parameter SQL Injection (0.3)
WordPress Plugin Advanced Order Export For WooCommerce Cross-Site Scripting (3.1.3)
WordPress Plugin SAM Pro (Free Edition) Local File Inclusion (1.9.6.67)
Oracle Database Server Improper Input Validation Vulnerability (CVE-2018-1000873)