[jira] [Created] (AMQ-9771) Enable secure XML processing in activemq-runtime-config

Jira Wed, 17 Sep 2025 14:11:39 -0700

Sérgio Lemos created AMQ-9771:
---------------------------------

             Summary: Enable secure XML processing in activemq-runtime-config
                 Key: AMQ-9771
                 URL: https://issues.apache.org/jira/browse/AMQ-9771
             Project: ActiveMQ Classic
          Issue Type: Wish
          Components: Plugin
    Affects Versions: 5.x, 6.x
            Reporter: Sérgio Lemos
             Fix For: 6.x



We can enable security features to prevent [XML External Entity Injection 
attacks |https://en.wikipedia.org/wiki/XML_external_entity_attack]in the 
Runtime Configuration Plugin, similarly to how we do in other parts of the 
code: 
https://github.com/search?q=repo%3Aapache%2Factivemq%20disallow-doctype-decl&type=code



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@activemq.apache.org
For additional commands, e-mail: issues-h...@activemq.apache.org
For further information, visit: https://activemq.apache.org/contact

[jira] [Created] (AMQ-9771) Enable secure XML processing in activemq-runtime-config

Reply via email to