Description
org.jboss.as.jaxrs.deployment.JaxrsIntegrationProcessor in Red Hat JBoss Enterprise Application Platform (JEAP) before 6.2.4 enables entity expansion, which allows remote attackers to read arbitrary files via unspecified vectors, related to an XML External Entity (XXE) issue.
Remediation
References
Related Vulnerabilities
WordPress Plugin Form Builder CP Unspecified Vulnerability (1.2.15)
WordPress Plugin Google Doc Embedder Cross-Site Scripting (2.5.18)
XWikiplatform Missing Authorization Vulnerability (CVE-2025-29926)
WordPress Plugin Advanced Page Manager Cross-Site Scripting (1.4.1)
WordPress Plugin PayGreen-Ancienne version Cross-Site Request Forgery (4.10.2)