xml injection

Oracle ADF < 12.1.2 – XML External Entity Injection (XXE) Vulnerability

Posted on Updated on

Product & Service Introduction;

In computing, Oracle Application Development Framework, usually called 
Oracle ADF, provides a commercial Java framework for building enterprise 
applications. It provides visual and declarative approaches to Java EE development. 
It supports rapid application development based on ready-to-use design patterns, 
metadata-driven and visual tools.

Exploitation Technique;

Remote, Authenticated

Read the rest of this entry »

This entry was posted in Disclosure and tagged , , , , .