Castor Project: >> Castor >> 1.3.2 Security Vulnerabilities
The default configuration for the Xerces SAX Parser in Castor before 1.3.3 allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XML document.
CVSS Score
4.3
EPSS Score
0.008
Published
2014-06-11