Vulnerabilities > Eclipse > WEB Tools Platform > High

DATE CVE VULNERABILITY TITLE RISK
2020-07-15 CVE-2019-17637 XXE vulnerability in multiple products
In all versions of Eclipse Web Tools Platform through release 3.18 (2020-06), XML and DTD files referring to external entities could be exploited to send the contents of local files to a remote server when edited or validated, even when external entity resolution is disabled in the user preferences.
local
low complexity
eclipse debian CWE-611
7.1