View source for XML External Entity vulnerability in map parser

From Freeplane - free mind mapping and knowledge management software

← XML External Entity vulnerability in map parser

You do not have permission to edit this page, for the following reason:

---

You can view and copy the source of this page.

Reported on 2017/02/19 Fix released on 2017/04/15 Reported by Wojciech Reguła, https://www.linkedin.com/in/wojciech-regula/ ==Description of Vulnerability== The vulnerability allowed to download any file from victim's computer when the victim opens the malicious mindmap. The vulnerability pattern is described at https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Processing. [[Category:Security]]

Return to XML External Entity vulnerability in map parser.