Rick Hillegas created DERBY-6807:
------------------------------------
Summary: XXE attack possible by using XmlVTI and the XML datatype
Key: DERBY-6807
URL: https://issues.apache.org/jira/browse/DERBY-6807
Project: Derby
Issue Type: Bug
Affects Versions: 10.11.1.1
Reporter: Rick HillegasThe Derby XML datatype and XmlVTI can be exploited, via XXE-based attacks, to expose sensitive information or launch denial-of-service assaults. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
