Menu
▾
▴
xmlfield-users — XmlField User list
You can subscribe to this list here.
| 2011 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
(1) |
Dec
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2013 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(1) |
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: Nicolas R. <nic...@gm...> - 2013-05-24 21:10:57
|
Issue: 0000051: SECURITY : XXE vulnerability https://sourceforge.net/apps/mantisbt/xmlfield/view.php?id=51 See : https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Processing [^] Il you use XmlField <= 0.9 to read user-provided documents, you are vulnerable to XXE. Issue is fixed in 0.10. Please upgrade ASAP. -- Nicolas |
|
From: Nicolas R. <nic...@fr...> - 2011-11-23 18:29:25
|
Hi all, The following Mantis entry describes the (major) API changes I'd like to perform on XmlField : https://sourceforge.net/apps/mantisbt/xmlfield/view.php?id=5 Feel free to comment the bug, especially if this is an issue for you. -- Nicolas |
