Join GitHub today
GitHub is home to over 36 million developers working together to host and review code, manage projects, and build software together.Sign up
Disable XML External Entity load in XmlUtil.java in tests #6133
An XML External Entity attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts.
Where the Issue Occurred
The following code snippets display the usage of
this is in the
@ProDigySML You didn't find any issues with the code under the
referenced this issue
Mar 15, 2019
we deploy our test jar to maven central , example http://repo1.maven.org/maven2/com/puppycrawl/tools/checkstyle/8.18/ , so potentially users can reuse out tests classes in their applications/plugins/.... .