]> was injected into the XML of the client's POST request. This tag defines an external entity, xxe8295c, which references a file on the XML parser's filesystem. This entity was then used within a data field in the XML document. The server's response contains the contents of the specified file, indicating that the parser processed the injected external entity." />
The dashboardXml parameter is vulnerable to XML external entity injection. The tag ]> was injected into the XML of the client's POST request. This tag defines an external entity, xxe8295c, which references a file on the XML parser's filesystem. This entity was then used within a data field in the XML document. The server's response contains the contents of the specified file, indicating that the parser processed the injected external entity.
A Full Description is available for this threat, please sign in for access to Full Description.