CVE-2016-6798

Name of the Vulnerable Software and Affected Versions Apache Sling versions prior to 1.0.12

Description The issue concerns the XSS Protection API module in Apache Sling, where the method XSS.getValidXML() uses an insecure SAX parser to validate input strings. This allows for XXE attacks in scripts that use this method for user input validation, potentially enabling an attacker to read sensitive filesystem data, perform same-site request forgery (SSRF), conduct port scanning behind firewalls, or cause a denial-of-service (DoS) condition.

Recommendations For versions prior to 1.0.12, update to version 1.0.12 or later to resolve the issue. As a temporary workaround, consider disabling the XSS.getValidXML() method until a patch is available. Restrict access to sensitive data and limit the application's ability to make external requests to minimize the risk of exploitation.