-
Type:
Improvement
-
Status: Resolved
-
Priority:
Minor
-
Resolution: Fixed
-
Affects Version/s: 1.3.0
-
Fix Version/s: None
-
Component/s: Core Framework
Since data flows can generally deal with non-trusted data, the processors should handle it in a secure manner.
In case of XML there are various known vulnerabilities - OWASP. Some can be mitigated via XML parser/XSLT Processor features.
The TransformXml processor should have a setting enabling these secure settings.
- links to
