search

qos-ch / reload4j

reload4j is a drop-in replacement for log4j 1.2.17
Apache License 2.0
148 stars 22 forks source link

xml external entity injection #28

Closed ceki closed 2 years ago

ceki commented 2 years ago

https://hdivsecurity.com/bornsecure/prevention-of-xml-external-entity-xxe-attacks/

ceki commented 2 years ago

Fixed in 9fcb7aee895a65d81387