microsoft / msopentech-tools-for-intellij

Plugin for easy and fast development to enable developers of Android Apps to connect to Office 365 services and Azure Mobile Services, and developers of Java middleware to connect to Azure compute services
Apache License 2.0

Xml external entity injection vulnerability #385

Open QiAnXinCodeSafe opened 5 years ago

QiAnXinCodeSafe commented 5 years ago

The XML string is parsed in the getXMLValue method in XmlHelper.java, but XML external entities are not disabled. When the XML is controlled by the attacker, an XXE attack may be carried out by supplying a malicious XML string.