XML External Entity (XXE) Vulnerability in RealObjects PDFreactor before 10.1.10722

XML External Entity (XXE) Vulnerability in RealObjects PDFreactor before 10.1.10722

CVE-2019-12154 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:P

XXE in the XML parser library in RealObjects PDFreactor before 10.1.10722 allows attackers to supply malicious XML content in externally referenced resources, leading to disclosure of local file contents and/or denial of service conditions.

Learn more about our External Network Penetration Testing.