Security Advisory

CVE-2017-14868

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-11-30 18:00:00

Last updated 2024-08-05 19:42:21

Assigner mitre

State PUBLISHED

Description

Restlet Framework before 2.3.11, when using SimpleXMLProvider, allows remote attackers to access arbitrary files via an XXE attack in a REST API HTTP request. This affects use of the Jax-rs extension.

← Browse all CVEs View on cve.org ↗