SAP NetWeaver AS JAVA 7.4 XXE Injection
Posted by deepcore on July 16, 2016 – 3:46 am
An attacker can trigger an XML Entity Expansion or XML External Entity Injection. This causes the entire machine to become unresponsive until the process is terminated manually. An attacker can use this flaw to perform a denial-of-service (DoS) attack. SAP NetWeaver AS JAVA version 7.4 is affected.
Post a reply
You must be logged in to post a comment.