๐ SAP Sybase Adaptive Server Enterprise 15.7 ESD 2 XML External Entity XMLParse code injection
๐ก Newskategorie: Sicherheitslรผcken
๐ Quelle: vuldb.com
A vulnerability, which was classified as problematic, was found in SAP Sybase Adaptive Server Enterprise 15.7 ESD 2. Affected is the function XMLParse
of the component XML External Entity Handler. Applying a patch is able to eliminate this problem. The bugfix is ready for download at sybase.com. It is possible to mitigate the problem by applying the configuration setting Disable XXE
. The best possible mitigation is suggested to be patching the affected component. A possible mitigation has been published 2 weeks after the disclosure of the vulnerability. ...