CVE-2021-23901 – An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParse …

25 January 2021

Vuln ID: CVE-2021-23901

Published: 2021-01-25 10:16:33Z

Description: An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions < 1.18. XML external entity injection (also known as XXE) is a web security vulnerability that allows an attacker to interfere with an application’s processing of XML data. It often allows an attacker to view files on the application server filesystem, and to interact with any back-end or external systems that the application itself can access. This issue is fixed in Apache Nutch 1.18.

Source: NVD.NIST.GOV

Date:

25 January 2021

Categorie(s):

NVD

Tag(s):

NVD

Sorenson Capital leads $7.95M seed investment in cyberthreat intelligence provider VulnCheck19 April 2024
How AI Enhances Cybersecurity: Expert Insights from Khurram Mir of Kualitatem19 April 2024
LastPass users targeted by vishing attackers19 April 2024
Hackers Target Middle East Governments with Evasive “CR4T” Backdoor19 April 2024
6 Surprising Ways Hackers Can Exploit Your Smart Home Devices19 April 2024