Description
Apache Tika is vulnerable to XML External Entity (XXE) processing attacks. This vulnerability can allow an attacker to access files on the file system and/or take down the portal (denial of service).
Workaround: Limit add and update document permission in the Document and Media application to trusted users.
Severity
Severity 1
Fixed Version(s)
Publication date: Mon, 26 Jun 2017 09:00:00 +0000