Description
Restlet Framework before 2.3.11, when using SimpleXMLProvider, allows remote attackers to access arbitrary files via an XXE attack in a REST API HTTP request. This affects use of the Jax-rs extension.
Remediation
References
Related Vulnerabilities
WordPress Plugin Fonts-Google Fonts Typography Cross-Site Scripting (3.0.2)
WordPress Plugin Quick Page/Post Redirect Cross-Site Request Forgery (5.0.4)
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2011-4317)
Oracle Application Server CVE-2007-5518 Vulnerability (CVE-2007-5518)
WordPress Plugin WP Mailto Links-Manage Email Links Cross-Site Scripting (2.0.1)