Apache XML Security for C++ Library Allows for Server-Side Request Forgery
Mandiant Blog·older·Reputable
Written by: Jacob Thompson The Apache XML Security for C++ library, code named xml-security-c, is part of the Apache Santuario project. The library implements the XML Digital Signature and the XML Signature specifications, making them available to C++ developers. By default, the library resolves references to external URIs passed in Extensible Markup Language (XML) signatures, allowing for server-side request forgery (SSRF). There is no way to disable this feature through configuration alone, an
Categories cybersecurity · government-security · unknown-it-category-15
Original source / advisory ↗Published
4/9/2024, 2:00:00 PM
Fetched
6/7/2026, 6:19:33 AM
Trust
reputable · 80/100
Language
en