https://bugzilla.redhat.com/show_bug.cgi?id=1933816
--- Comment #14 from Todd Cullum <tcullum(a)redhat.com> ---
Flaw summary:
src/main/java/org/apache/xmlgraphics/xmp/XMPParser.java loaded external DTDs
which could allow an malicious attacker to perform a server-side request
forgery attack and execute arbitrary GET requests on the victim server. This
could lead to compromise of data confidentiality and/or integrity.
--
You are receiving this mail because:
You are on the CC list for the bug.