Posted by Dawid Golunski on Aug 13
=============================================
– Release date: 12.08.2015
– Discovered by: Dawid Golunski
– Severity: High
– CVE-ID: CVE-2015-5161
=============================================
I. VULNERABILITY
————————-
Zend Framework <= 2.4.2 XML eXternal Entity Injection (XXE) on PHP FPM
Zend Framework <= 1.12.13
II. BACKGROUND
————————-
– Zend Framework
“Zend Framework 2 is an open source…