Description
The product does not restrict a reference to a Document Type Definition (DTD) to the intended control sphere. This might allow attackers to reference arbitrary DTDs, possibly causing the product to expose files, consume excessive system resources, or execute arbitrary http requests on behalf of the attacker.
Latest vulnerabilities for CWE-827
No vulnerabilities found using your search criteria
References
Description of CWE-827 on Mitre website