XML External Entity Injection (XXE) Vulnerability in Spring Batch

XML External Entity Injection (XXE) Vulnerability in Spring Batch

CVE-2019-3774 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Spring Batch versions 3.0.9, 4.0.1, 4.1.0, and older unsupported versions, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.

Learn more about our External Network Penetration Testing.