Security Advisory

CVE-2016-5000

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2016-08-05 14:00:00

Last updated 2024-08-06 00:46:40

Assigner redhat

State PUBLISHED

Description

The XLSX2CSV example in Apache POI before 3.14 allows remote attackers to read arbitrary files via a crafted OpenXML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

← Browse all CVEs View on cve.org ↗