Category: External Entity Injection

CVE-2016-10097, Open AM 10.1.0, XML Injection, XXE, External Entity Resolution, SSO Data Exfiltration, PoC

TL;DR – Open AM 10.1 exploitable via XXE at /SSOPOST/metaAlias/%realm%/idpv2 XML External Entity (XXE) Vulnerability in /SSOPOST/metaAlias/%realm%/idpv2 in OpenAM – Access Management 10.1.0 allows remote attackers to read arbitrary files via the SAMLRequest parameter. XXE is a means to an RCE Endpoint. XXE provides visibility into the Target System. You may find old JBOSS, PHP, Tomcat, Apache or […]