[
https://issues.apache.org/jira/browse/CAMEL-8311?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Christian Müller updated CAMEL-8311:
------------------------------------
Description:
The XMLConverter creates issues when converting XML Documents for SAXSource.
DOM and StAX parsing is not affected.
was:
The XMLConverter will allow XMLExternalEntity (XXE) injection when converting
XML Documents for SAXSource.
DOM and StAX parsing is not affected as the respective feature is already set
for those type converters (but not for the SAXSource conversion).
See the unit test contained in the patch for details
> XML External Entity (XXE) issue in XmlConverter
> -----------------------------------------------
>
> Key: CAMEL-8311
> URL: https://issues.apache.org/jira/browse/CAMEL-8311
> Project: Camel
> Issue Type: Improvement
> Components: camel-core
> Affects Versions: 2.13.3, 2.14.1
> Reporter: Stephan Siano
> Assignee: Claus Ibsen
> Fix For: 2.13.4, 2.14.3, 2.15.0
>
>
> The XMLConverter creates issues when converting XML Documents for SAXSource.
> DOM and StAX parsing is not affected.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
