CVSS: 6.5EPSS: 6%CPEs: 6EXPL: 0CVE-2013-6407 – Solr: XML eXternal Entity (XXE) flaw in XML and XSLT UpdateRequestHandler
https://notcve.org/view.php?id=CVE-2013-6407
07 Dec 2013 — The UpdateRequestHandler for XML in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. El UpdateRequestHandler de XML en Apache Solr anteriores a 4.1 permite a atacantes remtos tener un impacto no especificado a través de datos XML conteniendo una declaración de entidad externa en conjunción con una referencia a entidad, relacionado con un p... • http://rhn.redhat.com/errata/RHSA-2013-1844.html •
CVSS: 6.5EPSS: 6%CPEs: 10EXPL: 0CVE-2013-6408 – Solr: XML eXternal Entity (XXE) flaw in DocumentAnalysisRequestHandler
https://notcve.org/view.php?id=CVE-2013-6408
07 Dec 2013 — The DocumentAnalysisRequestHandler in Apache Solr before 4.3.1 does not properly use the EmptyEntityResolver, which allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-6407. El DocumentAnalysisRequestHandler en Apache Solr anteriores a 4.3.1 no utiliza correctamente el EmptyEntityResolver, lo... • http://rhn.redhat.com/errata/RHSA-2013-1844.html •