Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
An XML external entity (XXE) injection vulnerability exists in the Apache Any23 RDFa XSLTStylesheet extractor
Vulnerability Description
An XML external entity (XXE) injection vulnerability was discovered in the Any23 RDFa XSLTStylesheet extractor and is known to affect Any23 versions < 2.7. XML external entity injection (also known as XXE) is a web security vulnerability that allows an attacker to interfere with an application's processing of XML data. It often allows an attacker to view files on the application server filesystem, and to interact with any back-end or external systems that the application itself can access. This issue is fixed in Apache Any23 2.7.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apache Any23 代码问题漏洞
Vulnerability Description
Apache Any23是美国阿帕奇(Apache)基金会的一个库、Web 服务和命令行工具。可从各种 Web 文档中提取 RDF 格式的结构化数据。 Apache Any23 2.7之前版本存在代码问题漏洞,攻击者可利用该漏洞干扰应用程序对XML数据的处理,查看应用程序服务器文件系统上的文件,并与应用程序本身可以访问的任何后端或外部系统进行交互。
CVSS Information
N/A
Vulnerability Type
N/A