Apache · Apache Wink · CVE-2010-2245
Name of the Vulnerable Software and Affected Versions:
Apache Wink versions 1.1.1 and earlier
Description:
The issue allows remote attackers to read arbitrary files or cause a denial of service via a crafted XML document.
Recommendations:
For Apache Wink versions 1.1.1 and earlier, consider disabling XML external entity processing until a patch is available. Restrict access to sensitive files and directories to minimize the risk of exploitation.