Security Vulnerability : XXE

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Security Vulnerability : XXE

Ayoub Fathi
Hi,

I found an XXE vulnerability in one of the apps that using Apache POI for
excel upload, although I'm not sure if it's the same XXE that was
previously known because I've seen online an XXE was found on Apache POI.

If you can provide me with an environment, online upload endpoint where I
can test if it's working on the latest or known, so I can report all the
details and get a CVE assigned to it

Thank you! Regards