Description
It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed.
Remediation
References
Related Vulnerabilities
WordPress Plugin Integration for Gravity Forms and Pipedrive Cross-Site Scripting (1.0.6)
Oracle Database Server CVE-2014-6560 Vulnerability (CVE-2014-6560)
WordPress Plugin Login/Signup Popup (Inline Form + Woocommerce) Cross-Site Scripting (1.4)
Joomla! Core 1.0.x Multiple Unspecified Vulnerabilities (1.0.0 - 1.0.5)
WordPress Plugin Login With Ajax Cross-Site Request Forgery (3.0.4.1)