Vigil@nce - IBM DataPower Gateway: external XML entity injection via Web UI, analyzed on 27/09/2022
November 2022 by Vigil@nce
An attacker can transmit malicious XML data to IBM DataPower Gateway, via Web UI, in order to read a file, scan sites, or trigger a denial of service.
Plus d'information sur : https://vigilance.fr/vulnerability/IBM-DataPower-Gateway-external-XML-entity-injection-via-Web-UI-39376