Vulnerabilities > CVE-2017-6344 - XXE vulnerability in Grails PDF Plugin 0.6

047910
CVSS 5.9 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
local
low complexity
grails
CWE-611
NVD
Published: 2017-02-27
Updated: 2017-03-02

Summary

XML External Entity (XXE) vulnerability in Grails PDF Plugin 0.6 allows remote attackers to read arbitrary files via a crafted XML document.

Vulnerable Configurations

Part Description Count
Application
Grails
1

Common Weakness Enumeration (CWE)

References