Vulnerabilities > CVE-2017-6344 - XXE vulnerability in Grails PDF Plugin 0.6

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
grails
CWE-611
NVD
Published: 2017-02-27
Updated: 2017-03-02

Summary

XML External Entity (XXE) vulnerability in Grails PDF Plugin 0.6 allows remote attackers to read arbitrary files via a crafted XML document.

Vulnerable Configurations

Part Description Count
Application
Grails
1

Common Weakness Enumeration (CWE)

References