poi-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ayoub Fathi <jamsewi...@gmail.com>
Subject Security Vulnerability : XXE
Date Thu, 22 Aug 2019 13:33:26 GMT

I found an XXE vulnerability in one of the apps that using Apache POI for
excel upload, although I'm not sure if it's the same XXE that was
previously known because I've seen online an XXE was found on Apache POI.

If you can provide me with an environment, online upload endpoint where I
can test if it's working on the latest or known, so I can report all the
details and get a CVE assigned to it

Thank you! Regards

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message