A blind XPath injection vulnerability was discovered in Apache Software Foundation Apache Ivy, which allows threat actors to exfiltrate data and access sensitive information that is restricted to only the machine that runs Apache Ivy. This vulnerability exists in the parsing of XML files in versions lesser than 2.5.2 while parsing its own configuration, Maven […]

The post Apache Ivy Injection Flaw Let Attackers Exfiltrate Sensitive Data appeared first on GBHackers - Latest Cyber Security News | Hacker News.

Eswar

Source: gbHackers
Source Link: https://gbhackers.com/apache-ivy-injection-flaw/