IBM Security Bulletin: A Vulnerability in OpenSource Apache Taglibs Vulnerability affect Content Integrator (CVE-2015-0254)
A Vulnerability in OpenSource Apache Taglibs Vulnerability affect Content Integrator. Apache Standard Taglibs could allow a remote attacker to execute arbitrary code on the system, caused by an XML External Entity Injection (XXE) error when processing XML data. By sending specially-crafted XML data, an attacker could exploit this vulnerability to execute
CVE(s): CVE-2015-0254
Affected product(s) and affected version(s):
Content Integrator 8.6
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2f4NeNm
X-Force Database: http://ift.tt/1syxSqm
from IBM Product Security Incident Response Team http://ift.tt/2f4JqeX