ccl-testing

Missing XML Validation

Open QiAnXinCodeSafe opened this issue 5 years ago • 0 comments

https://github.com/cerner/ccl-testing/blob/e62f1f8d30ca8e6a55570b0236b343188125c9f1/cerreal-maven-plugin/src/main/java/com/cerner/ccl/testing/xsl/XslAPI.java#L133

Failure to enable validation when parsing XML gives an attacker the opportunity to supply malicious input.

QiAnXinCodeSafe, Jan 21 '20 10:01