-
Type:
Bug
-
Status: Closed
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: None
-
Component/s: contrib - DataImportHandler
-
Labels:None
We got a security report about an XXE attack when using the &dataConfig=<inlinexml> of Solr's DataImportHandler. See the attached PDF file with full details (I converted it to PDF, originally it was a DOC file).
- links to