xml2rfc has an arbitrary file read vulnerability
When generating PDF files, this vulnerability allows an attacker to read arbitrary files from the filesystem by injecting malicious link element into the XML.
When generating PDF files, this vulnerability allows an attacker to read arbitrary files from the filesystem by injecting malicious link element into the XML.
Version 3.12.0 changed xml2rfc so that it would not access local files without the presence of its new –allow-local-file-access flag. This prevented XML External Entity (XXE) injection attacks with xinclude and XML entity references. It was discovered that xml2rfc does not respect –allow-local-file-access when a local file is specified as src in artwork or sourcecode elements. Furthermore, XML entity references can include any file inside the source dir and below …
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in xml2rfc.